← Back to CVEs
CVE-2023-34671
HIGH8.8
Description
Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role in the user profile. An attack could occur over the public Internet in some cases.
CVE Details
CVSS v3.1 Score8.8
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published6/23/2023
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
elenos:etg150_fmelenos:etg150_fm_firmware
References
http://elenos.com(cve@mitre.org)
http://elenos.com(af854a3a-2127-422b-91ae-364da2661108)
https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34671(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.