CVSS Score of 10 (low)


Published Jul 18, 2023
Updated: Jul 28, 2023
CWE ID 306


CVE-2023-36669, also known as Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4, is a vulnerability that allows remote attackers to gain arbitrary control of the IDU/ODU system. The affected product is the Kratos NGC Indoor Unit (IDU). Attackers can impersonate the Touch Panel Unit (TPU) within the IDU by sending crafted TCP requests to the IDU if they have layer-3 network access to it. The potential danger of this vulnerability is high, as it can lead to unauthorized control of the IDU/ODU system. To remediate this issue, it is recommended to update the Kratos NGC Indoor Unit to version 11.4 or newer.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-36669 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options