Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services.
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
06 Oct 2023, 14:02
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products - Third Party Advisory | |
CPE | cpe:2.3:h:ingeteam:ingepac_ef_md:-:*:*:*:*:*:*:* cpe:2.3:o:ingeteam:ingepac_ef_md_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:ingeteam:ingepac_da3451_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:ingeteam:ingepac_fc5066_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:ingeteam:ingepac_da3451:-:*:*:*:*:*:*:* cpe:2.3:h:ingeteam:ingepac_fc5066:-:*:*:*:*:*:*:* |
|
First Time |
Ingeteam ingepac Ef Md Firmware
Ingeteam ingepac Fc5066 Ingeteam ingepac Ef Md Ingeteam ingepac Fc5066 Firmware Ingeteam ingepac Da3451 Ingeteam ingepac Da3451 Firmware Ingeteam |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-20 |
02 Oct 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-02 11:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-3768
Mitre link : CVE-2023-3768
CVE.ORG link : CVE-2023-3768
JSON object : View
Products Affected
ingeteam
- ingepac_da3451_firmware
- ingepac_fc5066_firmware
- ingepac_fc5066
- ingepac_ef_md
- ingepac_da3451
- ingepac_ef_md_firmware
CWE
CWE-20
Improper Input Validation