CVE-2023-6355

Summary

Incorrect selection of fuse values in the Controller 7000 platform allows an attacker to bypass some protection mechanisms to enable local debug.

This issue affects: Gallagher Controller 7000 9.00 prior to vCR9.00.231204b (distributed in 9.00.1507 (MR1)), 8.90 prior to vCR8.90.231204a (distributed in 8.90.1620 (MR2)), 8.80 prior to vCR8.80.231204a (distributed in 8.80.1369 (MR3)), 8.70 prior to vCR8.70.231204a (distributed in 8.70.2375 (MR5)).

Affected Software

VendorProductVersion RangeStatus
GallagherController 70009.00 < vCR9.00.231204baffected
GallagherController 70008.90 < vCR8.90.231204aaffected
GallagherController 70008.80 < vCR8.80.231204aaffected
GallagherController 70008.70 < vCR8.70.231204aaffected

Weaknesses

  • CWE-1253: CWE-1253: Incorrect Selection of Fuse Values

ADP Enrichment

CVE Program Container

Additional References

References