exploitDog

CVE-2023-28610

Опубликовано: 23 мар. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

The update process in OMICRON StationGuard and OMICRON StationScout before 2.21 can be exploited by providing a modified firmware update image. This allows a remote attacker to gain root access to the system.

Ссылки

https://www.omicronenergy.com/en/support/product-security/
Vendor Advisory
https://www.omicronenergy.com/fileadmin/user_upload/website/files/product-security/osa-5.txt
Vendor Advisory
https://www.omicronenergy.com/en/support/product-security/
Vendor Advisory
https://www.omicronenergy.com/fileadmin/user_upload/website/files/product-security/osa-5.txt
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:omicronenergy:stationguard:*:*:*:*:*:*:*:*

Версия до 2.20 (включая)

cpe:2.3:a:omicronenergy:stationscout:*:*:*:*:*:*:*:*

Версия до 2.20 (включая)

EPSS

Процентиль: 55%

0.0033

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-347

Связанные уязвимости

GHSA-84p4-29fv-4cpr

CVSS3: 9.8

github

почти 3 года назад

The update process in OMICRON StationGuard and OMICRON StationScout before 2.21 can be exploited by providing a modified firmware update image. This allows a remote attacker to gain root access to the system.

EPSS

Процентиль: 55%

0.0033

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-347