CVE-2023-42771

Summary

Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files and/or firmware. They are affected when running in ST(Standalone) mode.

Affected Software

VendorProductVersion RangeStatus
FURUNO SYSTEMS Co.,Ltd.ACERA 1320firmware ver.01.26 and earlieraffected
FURUNO SYSTEMS Co.,Ltd.ACERA 1310firmware ver.01.26 and earlieraffected

Weaknesses

  • Authentication bypass

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References