CVE-2023-40158

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 23, 2023
Updated: Aug 29, 2023

Summary

CVE-2023-40158 is a hidden functionality vulnerability affecting certain CBC products. This issue permits a remote, authenticated attacker to execute arbitrary OS commands or alter settings on the device. The specific products and their versions that are vulnerable have been identified by the vendor. It is important to note that several older product series, including NR4H, NR8H, NR16H, DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, and DR-4M41, are no longer supported and will not receive updates to address this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share