CVE-2023-45735

Published: Feb 6, 2024Modified: Nov 21, 2024

8.0

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.1 / Impact: 5.9

Source: NVD

Description

A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device.

Affected (1)

Products: Westermo: L206 F2g Firmware

Westermo

1 product

L206 F2g Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Westermo L206 F2g Firmware	Version 4.24

Running on/with	Platform Versions
Westermo L206 F2g	All versions

Related CWEs

CWE-94

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (2)

https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.