CVE-2023-44318

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Nov 14, 2023

Updated: Jan 14, 2025

CWE ID 321

Summary

CVE-2023-44318 reveals that certain devices employ a hardcoded key for obfuscating configuration backups. This security flaw poses a risk as an authenticated administrator or attacker gaining access to a backup file can extract sensitive configuration details due to this hardcoded key. The vulnerability could potentially lead to unauthorized access, data breaches, or other malicious activities. It is crucial for device owners to apply the necessary patches or updates to mitigate this risk and secure their configurations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s0tnyd
https://www.cve.org/CVERecord?id=CVE-2023-44318
https://nvd.nist.gov/vuln/detail/CVE-2023-44318

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2023-44318

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations