CVE-2023-46389

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 30, 2023
Updated: Dec 14, 2023

Summary

CVE-2023-46389 is a vulnerability found in LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 Firmware 7.2.4. This vulnerability allows remote attackers to gain access to sensitive information on the LINX configuration by exploiting an issue in the registry.xml file. The base severity of this vulnerability is rated as HIGH, with a base score of 7.5 out of 10. The confidentiality impact is also rated as HIGH, posing a significant danger to organizations using these affected products. No user interaction or privileges are required for exploitation, and the attack vector is through the network. The vulnerability has not been changed since its discovery, and its exploitability score is 3.9 out of 10. To remediate this vulnerability, it is recommended to update the firmware of the affected LOYTEC electronics GmbH LINX devices to a version that includes a fix for this issue. Applying the latest firmware updates will mitigate the incorrect access control problem in the registry.xml file, preventing remote attackers from accessing sensitive information. It is crucial for organizations using these affected products to address this vulnerability promptly as it could lead to unauthorized access to confidential data, potentially resulting in data breaches or other security incidents.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-46389 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options