CVE-2023-48264

Summary

The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request.

Affected Software

VendorProductVersion RangeStatus
RexrothNexo cordless nutrunner NXA015S-36V (0608842001)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXA030S-36V (0608842002)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXA050S-36V (0608842003)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXP012QD-36V (0608842005)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXA015S-36V-B (0608842006)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXA030S-36V-B (0608842007)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXA050S-36V-B (0608842008)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXP012QD-36V-B (0608842010)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXA011S-36V (0608842011)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXA011S-36V-B (0608842012)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXA065S-36V (0608842013)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXA065S-36V-B (0608842014)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXV012T-36V (0608842015)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo cordless nutrunner NXV012T-36V-B (0608842016)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo special cordless nutrunner (0608PE2272)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo special cordless nutrunner (0608PE2301)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo special cordless nutrunner (0608PE2514)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo special cordless nutrunner (0608PE2515)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo special cordless nutrunner (0608PE2666)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected
RexrothNexo special cordless nutrunner (0608PE2673)NEXO-OS V1000-Release <= NEXO-OS V1500-SP2affected

Weaknesses

  • CWE-121: CWE-121 Stack-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References