← Retour aux CVEs
CVE-2023-27408
LOW3.3
Description
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex file is created with the permissions bits of `-rw-rw-rw-`. This file is used as a mutex for multiple applications interacting with i2c. This could allow an authenticated attacker with access to the SSH interface on the affected device to interfere with the integrity of the mutex and the data it protects.
Details CVE
Score CVSS v3.13.3
SeveriteLOW
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie5/9/2023
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
siemens:scalance_lpe9403siemens:scalance_lpe9403_firmware
Faiblesses (CWE)
CWE-378
References
https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf(productcert@siemens.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.