CVE-2023-36624

CVSS Score of 10 (low)

Details

Published Jul 5, 2023
Updated: Jul 12, 2023
CWE ID 862

Summary

CVE-2023-36624 is a vulnerability in Loxone Miniserver Go Gen.2 through 14.0.3.28 that allows an authenticated operating system user to escalate privileges via the Sudo configuration. This vulnerability enables the user to execute binaries without needing a password, potentially leading to unauthorized access and control over the affected system. Organizations using these versions of Loxone Miniserver Go should apply the necessary updates or patches provided by the vendor to remediate this vulnerability and prevent potential exploitation. The National Vulnerability Database (NVD) rates this vulnerability as high severity, with a CVSS score of 7.8, emphasizing the significance of addressing this issue promptly to protect confidentiality, integrity, and availability of systems.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-36624 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options