CVE-2023-3768

Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:ingeteam:ingepac_da3451_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:ingeteam:ingepac_da3451:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:ingeteam:ingepac_ef_md_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:ingeteam:ingepac_ef_md:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:ingeteam:ingepac_fc5066_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:ingeteam:ingepac_fc5066:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:18

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 8.6
References () https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products - Third Party Advisory () https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products - Third Party Advisory

06 Oct 2023, 14:02

Type Values Removed Values Added
CPE cpe:2.3:h:ingeteam:ingepac_ef_md:-:*:*:*:*:*:*:*
cpe:2.3:o:ingeteam:ingepac_ef_md_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:ingeteam:ingepac_da3451_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:ingeteam:ingepac_fc5066_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:ingeteam:ingepac_da3451:-:*:*:*:*:*:*:*
cpe:2.3:h:ingeteam:ingepac_fc5066:-:*:*:*:*:*:*:*
First Time Ingeteam ingepac Ef Md Firmware
Ingeteam ingepac Fc5066
Ingeteam ingepac Ef Md
Ingeteam ingepac Fc5066 Firmware
Ingeteam ingepac Da3451
Ingeteam ingepac Da3451 Firmware
Ingeteam
CWE CWE-20
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
References (MISC) https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products - (MISC) https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products - Third Party Advisory

02 Oct 2023, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-02 11:15

Updated : 2024-11-21 08:18


NVD link : CVE-2023-3768

Mitre link : CVE-2023-3768

CVE.ORG link : CVE-2023-3768


JSON object : View

Products Affected

ingeteam

  • ingepac_fc5066_firmware
  • ingepac_fc5066
  • ingepac_ef_md
  • ingepac_ef_md_firmware
  • ingepac_da3451
  • ingepac_da3451_firmware
CWE
CWE-20

Improper Input Validation