CVE-2023-45735
8
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Westermo | Lynx | L206-F2G1 | affected |
| Westermo | Lynx | 4.24 | affected |
Weaknesses
- CWE-94: CWE-94 Code Injection
Workarounds
Westermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities. The reported code injection vulnerability will be mitigated in a future report.
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.