8.1
CVE-2023-49610
- EPSS 0.03%
- Veröffentlicht 01.02.2024 23:15:10
- Zuletzt bearbeitet 21.11.2024 08:33:38
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginMachineSense FeverWarn Raspberry Pi-based devices lack input sanitization, which could allow an attacker on an adjacent network to send a message running commands or could overflow the stack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Machinesense ≫ Feverwarn Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.068 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
|
| ics-cert@hq.dhs.gov | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.