CVE-2023-40252
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-40252 is a Code Injection vulnerability affecting multiple Genians products, including Genian NAC V4.0, Genian NAC V5.0, Genian NAC Suite V5.0, and Genian ZTNA. The flaw allows an attacker to replace trusted executables, potentially leading to unauthorized code execution. Affected versions of Genian NAC V4.0 range from V4.0.0 to V4.0.155; Genian NAC V5.0, from V5.0.0 to V5.0.42 (Revision 117460); Genian NAC Suite V5.0, from V5.0.0 to V5.0.54; and Genian ZTNA, from V6.0.0 to V6.0.15. Successful exploitation of this vulnerability could result in significant security risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Genians