CVE-2023-49140

Published: Dec 12, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Denial-of-service (DoS) vulnerability exists in commplex-link service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service (DoS) condition may occur.

Affected (10)

Products: Jtekt: Gc A22w Cw Firmware, Gc A24w C(w) Firmware, Gc A26w C(w) Firmware, Gc A24 Firmware, Gc A24 M Firmware, Gc A25 Firmware, Gc A26 Firmware, Gc A26 J2 Firmware, Gc A27 C Firmware, Gc A28 C Firmware

Jtekt

10 products

Gc A22w Cw Firmware

Gc A24w C(w) Firmware

Gc A26w C(w) Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Gc A22w Cw Firmware	All versions

Running on/with	Platform Versions
Jtekt Gc A22w Cw	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Gc A24w C(w) Firmware	All versions

Running on/with	Platform Versions
Jtekt Gc A24w C(w)	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Gc A26w C(w) Firmware	All versions

Running on/with	Platform Versions
Jtekt Gc A26w C(w)	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Gc A24 Firmware	All versions

Running on/with	Platform Versions
Jtekt Gc A24	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Gc A24 M Firmware	All versions

Running on/with	Platform Versions
Jtekt Gc A24 M	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Gc A25 Firmware	All versions

Running on/with	Platform Versions
Jtekt Gc A25	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Gc A26 Firmware	All versions

Running on/with	Platform Versions
Jtekt Gc A26	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Gc A26 J2 Firmware	All versions

Running on/with	Platform Versions
Jtekt Gc A26 J2	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Gc A27 C Firmware	All versions

Running on/with	Platform Versions
Jtekt Gc A27 C	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Gc A28 C Firmware	All versions

Running on/with	Platform Versions
Jtekt Gc A28 C	All versions

Related CWEs

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (4)

https://jvn.jp/en/jp/JVN34145838/

Source: vultures@jpcert.or.jp

Third Party Advisory

https://www.electronics.jtekt.co.jp/en/topics/202312116562/

Source: vultures@jpcert.or.jp

Vendor Advisory

https://jvn.jp/en/jp/JVN34145838/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.electronics.jtekt.co.jp/en/topics/202312116562/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.