CVE-2023-37226

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 10, 2024
CWE ID 287

Summary

CVE-2023-37226 identifies a critical vulnerability in Loftware Spectrum prior to version 4.6 HF14, characterized by missing authentication for a critical function. This flaw can lead to significant risks, including high impacts on confidentiality, integrity, and availability, with an overall CVSS base score of 9.8 indicating its severity. Exploitation does not require user interaction or elevated privileges, making it particularly dangerous as it can be executed remotely over a network. Organizations are advised to remediate this vulnerability by upgrading to the latest version of Loftware Spectrum (4.6 HF14 or later). Failure to address this issue may allow unauthorized access and control over affected systems, posing serious security risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share