CVE-2023-25915

Summary

Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system.

Affected Software

VendorProductVersion RangeStatus
DanfossAK-SM800A< 3.3affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

Workarounds

Upgrade to the latest patch, which is version 3.3.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References