CVE-2023-43627

Summary

Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in ST(Standalone) mode.

Affected Software

VendorProductVersion RangeStatus
FURUNO SYSTEMS Co.,Ltd.ACERA 1320firmware ver.01.26 and earlieraffected
FURUNO SYSTEMS Co.,Ltd.ACERA 1310firmware ver.01.26 and earlieraffected

Weaknesses

  • Path traversal

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References