CVE-2023-45735

Summary

A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device.

Affected Software

VendorProductVersion RangeStatus
WestermoLynxL206-F2G1affected
WestermoLynx4.24affected

Weaknesses

  • CWE-94: CWE-94 Code Injection

Workarounds

Westermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.  The reported code injection vulnerability will be mitigated in a future report.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References