CVE-2023-6355
6.8
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Incorrect selection of fuse values in the Controller 7000 platform allows an attacker to bypass some protection mechanisms to enable local debug.
This issue affects: Gallagher Controller 7000 9.00 prior to vCR9.00.231204b (distributed in 9.00.1507 (MR1)), 8.90 prior to vCR8.90.231204a (distributed in 8.90.1620 (MR2)), 8.80 prior to vCR8.80.231204a (distributed in 8.80.1369 (MR3)), 8.70 prior to vCR8.70.231204a (distributed in 8.70.2375 (MR5)).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Gallagher | Controller 7000 | 9.00 < vCR9.00.231204b | affected |
| Gallagher | Controller 7000 | 8.90 < vCR8.90.231204a | affected |
| Gallagher | Controller 7000 | 8.80 < vCR8.80.231204a | affected |
| Gallagher | Controller 7000 | 8.70 < vCR8.70.231204a | affected |
Weaknesses
- CWE-1253: CWE-1253: Incorrect Selection of Fuse Values
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.