CVE-2023-5630

Published: Dic 14, 2023 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2023-57923 Aliases: GSD-2023-5630
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: high
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: high
Availability: high

Description

AI Translation Available

A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a
privileged user to install an untrusted firmware.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0010
Percentile
0,3th
Updated

EPSS Score Trend (Last 90 Days)

494

Download of Code Without Integrity Check

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability Confidentiality Other
Potential Impacts:
Execute Unauthorized Code Or Commands Alter Execution Logic Other
Applicable Platforms
All platforms may be affected
Likelihood of Exploit: Medium
View CWE Details
Operating System

Eh450 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Eh450 Firmware
Version -
cpe:2.3:o:schneider-electric:eh450_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Eh45E Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Eh45E Firmware
Version -
cpe:2.3:o:schneider-electric:eh45e_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Eb450 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Eb450 Firmware
Version -
cpe:2.3:o:schneider-electric:eb450_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Jr900 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Jr900 Firmware
Version -
cpe:2.3:o:schneider-electric:jr900_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Qr150 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Qr150 Firmware
Version Range Affected
To 2.7.0 (exclusive)
cpe:2.3:o:schneider-electric:qr150_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Jr240 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Jr240 Firmware
Version -
cpe:2.3:o:schneider-electric:jr240_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Qb150 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Qb150 Firmware
Version Range Affected
To 2.7.0 (exclusive)
cpe:2.3:o:schneider-electric:qb150_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Qb450 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Qb450 Firmware
Version Range Affected
To 2.7.0 (exclusive)
cpe:2.3:o:schneider-electric:qb450_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Qh150 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Qh150 Firmware
Version Range Affected
To 2.7.0 (exclusive)
cpe:2.3:o:schneider-electric:qh150_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Qp450 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Qp450 Firmware
Version Range Affected
To 2.7.0 (exclusive)
cpe:2.3:o:schneider-electric:qp450_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Er450 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Er450 Firmware
Version -
cpe:2.3:o:schneider-electric:er450_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Qh450 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Qh450 Firmware
Version Range Affected
To 2.7.0 (exclusive)
cpe:2.3:o:schneider-electric:qh450_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Qr450 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Qr450 Firmware
Version Range Affected
To 2.7.0 (exclusive)
cpe:2.3:o:schneider-electric:qr450_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Er45E Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Er45E Firmware
Version -
cpe:2.3:o:schneider-electric:er45e_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Eb45E Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Eb45E Firmware
Version -
cpe:2.3:o:schneider-electric:eb45e_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Qp150 Firmware by Schneider-Electric

Product Information
Vendor Schneider-Electric
Product Qp150 Firmware
Version Range Affected
To 2.7.0 (exclusive)
cpe:2.3:o:schneider-electric:qp150_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://download.schneider-electric.com/files?p_Doc_Ref=SEV…
Vendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-01&p_enDo…
https://download.schneider-electric.com/files?p_Doc_Ref=SEV…
Vendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-01&p_enDo…