CVE-2023-0286
published 2023-02-08
Priority: P2 64 high · 7.4 (CVSS 3.1)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS: 59.50% (99.0th percentile)
There is a type confusion vulnerability relating to X.400 address processing
inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but
the public structure definition for GENERAL_NAME incorrectly specified the type
of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by
the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an
ASN1_STRING.
When CRL checking is enabled (i.e. the application sets the
X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass
arbitrary pointers to a memcmp call, enabling them to read memory contents or
enact a denial of service. In most cases, the attack requires the attacker to
provide both the certificate chain and CRL, neither of which need to have a
valid signature. If the attacker only controls one of these inputs, the other
input must already contain an X.400 address as a CRL distribution point, which
is uncommon. As such, this vulnerability is most likely to only affect
applications which have implemented their own functionality for retrieving CRLs
over a network.
Affected
60 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cryptography.io | cryptography | >= 0.8.1 < 39.0.1 | 39.0.1 |
| debian | openssl | < openssl 3.0.8-1 (bookworm) | openssl 3.0.8-1 (bookworm) |
| msrc | azl3_edk2_20230301gitf80f052277c8-37_on_azure_linux_3.0 | — | — |
| msrc | azl3_hvloader_1.0.1-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_hvloader_1.0.1-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_python-tensorboard_2.16.2-6_on_azure_linux_3.0 | — | — |
| msrc | azl3_rust_1.75.0-14_on_azure_linux_3.0 | — | — |
| msrc | azl3_rust_1.86.0-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_cloud-hypervisor_30.0-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_hvloader_1.0.1-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_openssl_1.1.1k-21_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_python-tensorboard_2.11.0-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_qemu_6.2.0-24_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_reaper_3.1.1-6_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_rust_1.68.2-5_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_cloud-hypervisor_22.0-2_on_cbl_mariner_1.0 | — | — |
| msrc | cm1_openssl_1.1.1k-13_on_cbl_mariner_1.0 | — | — |
| msrc | cm1_rust_1.59.0-1_on_cbl_mariner_1.0 | — | — |
| nodejs | nodejs | >= 0 < 12.22.9~dfsg-1ubuntu3.3 | 12.22.9~dfsg-1ubuntu3.3 |
| openssl | openssl | >= 0 < 1.1.1t-r0 | 1.1.1t-r0 |
| openssl | openssl | >= 0 < 1.1.1t-r0 | 1.1.1t-r0 |
| openssl | openssl | >= 0 < 1.1.1t-r0 | 1.1.1t-r0 |
| openssl | openssl | >= 0 < 3.0.8-r0 | 3.0.8-r0 |
| openssl | openssl | >= 0 < 3.0.8-r0 | 3.0.8-r0 |
| openssl | openssl | >= 0 < 3.0.8-r0 | 3.0.8-r0 |
Detection & IOCs
- Trigger condition: CRL checking must be enabled via X509_V_FLAG_CRL_CHECK flag; monitor applications that set this flag and receive externally supplied certificate chains and CRLs
- Attack vector: attacker supplies both a crafted certificate chain and a crafted CRL — neither requires a valid signature; inspect TLS/CRL inputs for X.400 addresses in GeneralName fields
- Narrow-scope indicator: presence of an X.400 address in a CRL distribution point field of a certificate or CRL is a strong anomaly indicator worth alerting on
- Highest-risk application profile: applications that implement their own CRL retrieval over a network (not relying on OS/library defaults) are the primary target surface
- Vulnerable function: GENERAL_NAME_cmp in OpenSSL misinterprets x400Address as ASN1_TYPE instead of ASN1_STRING; crash or memory-read via memcmp with attacker-controlled pointer is the observable effect
- Exploitation requires CRL checking to be explicitly enabled; applications that do not set X509_V_FLAG_CRL_CHECK are not affected
- shim in Red Hat Enterprise Linux 8 & 9 is not affected because shim does not support any CRL processing
- Siemens BFCClient workaround: disable CRL checking if patching to V2.17 is not immediately possible
- If the attacker controls only one input (certificate chain OR CRL), exploitation is significantly harder and requires the other input to already contain an X.400 address CRL distribution point
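A defensive check for the X.400 indicator listed above, as an added example that is not code from OpenSSL or from any advisory quoted on this page: a standard-library DER walk that reports which GeneralName kinds appear in a certificate's cRLDistributionPoints extension or a CRL's issuingDistributionPoint extension. The sample inputs are constructed, and the function names (`scan`, `has_x400`, `tlv`) are this example's own.

```python
"""Flag X.400 GeneralNames in CRL distribution point data (stdlib-only DER walk)."""

CRLDP_OID = bytes.fromhex("551d1f")  # 2.5.29.31 cRLDistributionPoints (certificates)
IDP_OID = bytes.fromhex("551d1c")    # 2.5.29.28 issuingDistributionPoint (CRLs)
# GeneralName CHOICE alternatives, indexed by context tag number (RFC 5280).
GENERAL_NAME = ["otherName", "rfc822Name", "dNSName", "x400Address", "directoryName",
                "ediPartyName", "uniformResourceIdentifier", "iPAddress", "registeredID"]


def read_tlv(buf, pos, limit):
    """Parse one DER TLV at pos; return (tag, value_start, value_end)."""
    if pos + 2 > limit:
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    if tag & 0x1F == 0x1F:
        raise ValueError("high-tag-number form not handled")
    pos += 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > limit:
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > limit:
        raise ValueError("value overruns its container")
    return tag, pos, pos + length


def children(buf, start, end):
    """List the (tag, value_start, value_end) triples packed in buf[start:end]."""
    out, pos = [], start
    while pos < end:
        tag, vs, ve = read_tlv(buf, pos, end)
        out.append((tag, vs, ve))
        pos = ve
    return out


def general_name_kinds(buf, start, end):
    """Name the CHOICE alternative of each GeneralName in a GeneralNames body."""
    return [GENERAL_NAME[tag & 0x1F] for tag, _, _ in children(buf, start, end)
            if tag & 0xC0 == 0x80 and (tag & 0x1F) < len(GENERAL_NAME)]


def dp_name_kinds(buf, start, end):
    """Collect GeneralName kinds from one DistributionPoint-style SEQUENCE body."""
    kinds = []
    for tag, s, e in children(buf, start, end):
        if tag == 0xA0:                      # distributionPoint [0]
            for ctag, cs, ce in children(buf, s, e):
                if ctag == 0xA0:             # fullName [0] GeneralNames
                    kinds += general_name_kinds(buf, cs, ce)
        elif tag == 0xA2:                    # cRLIssuer [2] GeneralNames (CRLDP only)
            kinds += general_name_kinds(buf, s, e)
    return kinds


def extension_kinds(oid, value):
    """value is the DER carried inside the extension's extnValue OCTET STRING."""
    tag, s, e = read_tlv(value, 0, len(value))
    if tag != 0x30:
        raise ValueError("extension value is not a SEQUENCE")
    if oid == IDP_OID:                       # a single distribution point
        return dp_name_kinds(value, s, e)
    kinds = []
    for dtag, ds, de in children(value, s, e):   # SEQUENCE OF DistributionPoint
        if dtag == 0x30:
            kinds += dp_name_kinds(value, ds, de)
    return kinds


def scan(der, start=0, end=None):
    """Walk any DER blob; return one list of GeneralName kinds per matching extension."""
    end = len(der) if end is None else end
    findings = []
    for tag, s, e in children(der, start, end):
        if not tag & 0x20:                   # primitive: nothing nested to inspect
            continue
        kids = children(der, s, e)
        oid = der[kids[0][1]:kids[0][2]] if kids and kids[0][0] == 0x06 else None
        if tag == 0x30 and oid in (CRLDP_OID, IDP_OID) and kids[-1][0] == 0x04:
            findings.append(extension_kinds(oid, der[kids[-1][1]:kids[-1][2]]))
        else:
            findings += scan(der, s, e)
    return findings


def has_x400(der):
    return any("x400Address" in kinds for kinds in scan(der))


def tlv(tag, content):
    """Sample-building helper (short-form lengths only, content under 128 bytes)."""
    return bytes([tag, len(content)]) + content


def sample_extensions(general_name):
    """Constructed input: an [3] Extensions wrapper holding one CRLDP extension."""
    dp = tlv(0x30, tlv(0xA0, tlv(0xA0, general_name)))
    ext = tlv(0x30, tlv(0x06, CRLDP_OID) + tlv(0x04, tlv(0x30, dp)))
    return tlv(0xA3, tlv(0x30, ext))


BENIGN = sample_extensions(tlv(0x86, b"http://crl.example.test/ca.crl"))  # constructed
SUSPICIOUS = sample_extensions(tlv(0xA3, tlv(0x30, b"")))                 # constructed

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(label, scan(blob), "ALERT" if has_x400(blob) else "ok")
```

`scan` accepts a whole DER certificate or CRL as well as the fragments built here, and raises `ValueError` on truncated or malformed input so that a caller can treat unparseable data as its own alert condition.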
CVSS provenance
nvdv3.17.4HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
ghsa7.4HIGH
osv7.5HIGH
vendor_ubuntu7.5HIGH
vendor_debian7.4HIGH
vendor_msrc7.4HIGH
vendor_oracle7.4HIGH
vendor_redhat7.4HIGH
Ubuntu
EDK II regression
vendor_ubuntu·2025-11-28·CVSS 5.8
CVE-2023-45236 [MEDIUM] EDK II regression
Title: EDK II regression
Summary: USN-7894-1 introduced a regression in EDK II
USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a
regression in the UEFI network boot. This update reverts the corresponding
fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation.
We apologize for the inconvenience.
Original advisory details:
It was discovered that EDK II was susceptible to a predictable TCP Initial
Sequence Number. An attacker could possibly use this issue to gain
unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu
24.04 LTS. (CVE-2023-45236, CVE-2023-45237)
It was discovered that EDK II incorrectly handled S3 sleep. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS
Ubuntu
EDK II vulnerabilities
vendor_ubuntu·2025-11-26·CVSS 7.4
CVE-2023-45236 [HIGH] EDK II vulnerabilities
Title: EDK II vulnerabilities
Summary: Several security issues were fixed in EDK II.
It was discovered that EDK II was susceptible to a predictable TCP Initial
Sequence Number. An attacker could possibly use this issue to gain
unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu
24.04 LTS. (CVE-2023-45236, CVE-2023-45237)
It was discovered that EDK II incorrectly handled S3 sleep. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-1298)
It was discovered that the EDK II PE/COFF loader incorrectly handled
certain memory operations. An attacker could possibly use this issue to
cause a denial of service, obtain sensitive information, or execute
arbitrary code. This issue o
CISA ICS
Siemens BFCClient
cisa_ics·2025-08-14
ICS Advisory
Release Date: August 14, 2025
Alert Code: ICSA-25-226-21
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.7
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: BFCClient
- Vulnerabilities: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Read, Loop with Unreachabl
CISA ICS
ABB M2M Gateway
cisa_ics·2025-04-15
ICS Advisory
Release Date: April 15, 2025
Alert Code: ICSA-25-105-08
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: ABB
- Equipment: M2M Gateway
- Vulnerabilities: Integer Overflow or Wraparound, Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling'), Unquoted Search Path or Element, Untrusted Search Path, Use After Free, Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Missing Release of Memory after Effective Lifetime, Allocation of Resources Without Limits or Throttling, Improper Privilege Management, Improper Limitati
CISA ICS
Hitachi Energy PCU400
cisa_ics·2025-03-06
ICS Advisory
Release Date: March 06, 2025
Alert Code: ICSA-25-065-01
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: PCU400, PCULogger
- Vulnerabilities: Access of Resource Using Incompatible Type ('Type Confusion'), NULL Pointer Dereference, Use After Free, Double Free, Observable Discrepancy, Out-of-bounds Read
## 2. RISK EVALUATION
Exploitation of these vulnerabilities could allow an attacker to access or decrypt sensitive data, crash the device application, or cause a denial-of-service condition.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Hita
CISA ICS
Siemens SCALANCE W700
cisa_ics·2025-02-13
ICS Advisory
Release Date: February 13, 2025
Alert Code: ICSA-25-044-09
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE W700
- Vulnerabilities: Double Free, Improper Restriction of Communication Channel to Intended Endpoints, Improper Resource Sh
Palo Alto
PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
vendor_paloalto·2024-11-07·CVSS 6.8
CVE-2014-0195 [MEDIUM] PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Cortex XDR Agent. While Cortex XDR Agent may include the
CVEs: CVE-2014-0195, CVE-2014-0224, CVE-2014-3509, CVE-2014-3512, CVE-2014-3513, CVE-2014-3567, CVE-2015-0209, CVE-2015-0292, CVE-2015-1789, CVE-2015-1791, CVE-2015-1793, CVE-2015-3194, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, CVE-2016-2177, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2019-1551, CVE-2019-1552, CVE-2019-1559, CVE-2019-1563, CVE-2020-196
CISA ICS
Hitachi Energy AFS/AFR Series Products
cisa_ics·2024-07-23·CVSS 7.5
[HIGH] Hitachi Energy AFS/AFR Series Products
ICS Advisory
Release Date: July 23, 2024
Alert Code: ICSA-24-205-02
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: AFS650, AFS660, AFS665, AFS670, AFS675, AFS677, AFR677
- Vulnerabilities: Type Confusion, Use After Free, Double Free, Observable Discrepancy
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to create a denial-of-service condition.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Hitachi Energy AFS/AFR are affected:
- AFS650: Version 9.1.08 and prior
CISA ICS
Siemens SIMATIC and SIPLUS
cisa_ics·2024-06-13
ICS Advisory
Release Date: June 13, 2024
Alert Code: ICSA-24-165-10
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC, SIPLUS
- Vulnerabilities: Inadequate Encryption Strength, Improper Restriction of Operations within the Bounds of a Memory Bu
CISA ICS
Siemens TIM 1531 IRC
cisa_ics·2024-06-13·CVSS 5.5
[MEDIUM] Siemens TIM 1531 IRC
ICS Advisory
Release Date: June 13, 2024
Alert Code: ICSA-24-165-06
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 6.9
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIPLUS TIM 1531 IRC
- Vulnerabilities: Improper Input Validation, Out-of-bounds Write, Inadequate Encryption Strength, Double Free, Missing
CISA ICS
Siemens SCALANCE XM-400, XR-500
cisa_ics·2024-06-13
ICS Advisory
Release Date: June 13, 2024
Alert Code: ICSA-24-165-11
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE XM-400/XR-500
- Vulnerabilities: Inadequate Encryption Strength, Double Free, Use-After-Free, Improper Input Validation,
CISA ICS
Siemens Telecontrol Server Basic
cisa_ics·2024-04-11
ICS Advisory
Release Date: April 11, 2024
Alert Code: ICSA-24-102-08
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: Telecontrol Server Basic
- Vulnerabilities: Inadequate Encryption Strength, Double Free, Integer Overflow or Wraparound, External Control of File Name or Path, Path Traversal, Improper Input Validation, Missing Encry
Palo Alto
PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
vendor_paloalto·2024-04-10·CVSS 9.8
CVE-2015-5739 [CRITICAL] PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS. While it was not determined that these CVEs have any significant impact on PAN-OS, they have been fixed out of an abundance of caution. CVE Summary CVE-2015-5739 This CVE is fixed in PAN-OS 11.0.4, and all later PAN-OS versions. CVE-2016-10228 This CVE is fixed in PAN-OS 11.1.3, and all later PAN-OS versions. CVE-2017-8923 This CVE is fixed in PAN-OS 10.2.8, 11.0.3, and all later PAN-OS versions. CVE-2017-9120 This CVE is fixed in PAN-OS 10.2.8, 11.0.3, and all later PAN-OS versions. CVE-2018-25009 This CVE is fixed in PAN-OS 10.2.8, 11.0.4, 11.1.3, and all later PAN-OS versions. CVE-2
Palo Alto
PAN-SA-2024-0003 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
vendor_paloalto·2024-04-05·CVSS 4.3
CVE-2007-2768 [MEDIUM] PAN-SA-2024-0003 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
PAN-SA-2024-0003 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Prisma SD-WAN ION. While Prisma SD-WAN ION may include the
CVEs: CVE-2007-2768, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-20012, CVE-2016-8858, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2021-41617, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-28531, CVE-2023-38408, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767
Affected products: Prisma SD
CISA ICS
Siemens SINEC NMS
cisa_ics·2024-02-15
ICS Advisory
Release Date: February 15, 2024
Alert Code: ICSA-24-046-15
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEC NMS
- Vulnerabilities: Out-of-bounds Read, Inadequate Encryption Strength, Double Free, Use After Free, NULL Pointer Dereference, Improper Input Validation, Missing Encryption of Sensitive Data, Allocation of Resources Wit
CISA ICS
Mitsubishi Electric Factory Automation Products
cisa_ics·2024-01-04·CVSS 5.9
[MEDIUM] Mitsubishi Electric Factory Automation Products
ICS Advisory
Release Date: January 04, 2024
Alert Code: ICSA-24-004-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Mitsubishi Electric
- Equipment: Multiple Factory Automation Products
- Vulnerabilities: Observable Timing Discrepancy, Double Free, Access of Resource Using Incompatible Type ('Type Confusion')
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could disclose information in the product or could cause denial-of-service (DoS) condition.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following Factory Automation products are affected:
- GT SoftGOT2000: Versions 1.275M to 1.290C (CVE-2023-0286)
- OPC
Ubuntu
Node.js vulnerabilities
vendor_ubuntu·2024-01-03·CVSS 5.9
CVE-2022-4450 [MEDIUM] Node.js vulnerabilities
Title: Node.js vulnerabilities
Summary: Several security issues were fixed in Node.js.
Hubert Kario discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to obtain sensitive
information. (CVE-2022-4304)
CarpetFuzz, Dawei Wang discovered that Node.js incorrectly handled certain
inputs. If a user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2022-4450)
Octavio Galland and Marcel Böhme discovered that Node.js incorrectly handled
certain inputs. If a user or an automated system were tricked into opening a
specially crafted input fi
CISA ICS
Hitachi Energy’s RTU500 Series Product (Update B)
cisa_ics·2023-10-19·CVSS 7.4
[HIGH] Hitachi Energy’s RTU500 Series Product (Update B)
ICS Advisory
Last Revised: October 19, 2023
Alert Code: ICSA-23-143-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: RTU500 Series
- Vulnerabilities: Type Confusion, Observable Timing Discrepancy, Out-of-bounds Read, Infinite Loop, Classic Buffer Overflow
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to crash the device being accessed or cause a denial-of-service condition.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Hitachi Energy's RTU500 Series Product, are affected:
- RTU500 series CMU Firmware: version 12.0.1 through 12.0.15
CISA ICS
Hitachi Energy Lumada APM Edge
cisa_ics·2023-09-12·CVSS 7.5
[HIGH] Hitachi Energy Lumada APM Edge
ICS Advisory
Release Date: September 12, 2023
Alert Code: ICSA-23-255-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: Lumada Asset Performance Management (APM) Edge
- Vulnerabilities: Use After Free, Double Free, Type Confusion, Observable Discrepancy
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or disclosure of sensitive information.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following Hitachi products are affected:
- Lumada APM Edge: Versions 4.0 and prior
- Lumada APM Edge: Version 6.3
## 3.2 Vulnerability Overview
3.2.1
CISA ICS
Siemens Address Processing in SIMATIC
cisa_ics·2023-08-10
ICS Advisory
Release Date: August 10, 2023
Alert Code: ICSA-23-222-07
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.4
- ATTENTION: Exploitable remotely
- Vendor: Siemens
- Equipment: SIMATIC, SIPLUS
- Vulnerability: Improper Input Validation
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to recover sensitive data or cause a denial-of-service condition.
## 3. TECHNICA
Oracle
Oracle Oracle Communications Risk Matrix: Platform (OpenSSL) — CVE-2023-0286
vendor_oracle·2023-07-15·CVSS 7.4
CVE-2023-0286 [HIGH] Oracle Oracle Communications Risk Matrix: Platform (OpenSSL) — CVE-2023-0286
Oracle Oracle Communications Risk Matrix: Platform (OpenSSL) vulnerability
CVE: CVE-2023-0286
CVSS: 7.4
Protocol: HTTPS
Remote exploit: Yes
Affected versions: Network
Advisory: cpujul2023 (JUL 2023)
CISA ICS
Siemens SIMATIC MV500 Devices
cisa_ics·2023-07-13·CVSS 4.3
[MEDIUM] Siemens SIMATIC MV500 Devices
ICS Advisory
Release Date: July 13, 2023
Alert Code: ICSA-23-194-04
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.2
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC MV500 series devices
- Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Missing Release of Memory after Effective Lifetime, Injection, Inadequate Encryption Strength, Double Free, Incomplete Cleanup, Observable Discrepancy, Improper Locking, Use After Free, Improper Input Validation
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to read memory contents, disclose information, or cause a denial-of-service condition.
## 3. TECHNICAL DETAILS
## 3.1 AFF
CISA ICS
Siemens SIMATIC S7-1500 TM MFP Linux Kernel
cisa_ics·2023-06-15·CVSS 5.5
[MEDIUM] Siemens SIMATIC S7-1500 TM MFP Linux Kernel
ICS Advisory
Release Date: June 15, 2023
Alert Code: ICSA-23-166-11
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely / low attack complexity / public exploits available
- Vendor: Siemens ProductCERT
- Equipment: SIMATIC S7-1500 TM MFP
- Vulnerabilities: Multiple vulnerabilities
## 2. RISK EVALUATION
Exploitation of these vulnerabilities could lead to denial-of-service, crashing t
CISA ICS
Siemens SCALANCE W1750D Devices
cisa_ics·2023-03-16·CVSS 5.9
[MEDIUM] Siemens SCALANCE W1750D Devices
ICS Advisory
Release Date: March 16, 2023
Alert Code: ICSA-23-075-04
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.4
- ATTENTION: Exploitable remotely
- Vendor: Siemens
- Equipment: SCALANCE W1750D
- Vulnerabilities: Inadequate Encryption Strength, Double Free, Use After Free, Improper Input Validation
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to read memory contents, decryp
BSD
FreeBSD-SA-23:03.openssl: Multiple vulnerabilities in OpenSSL
bsd_advisories·2023-02-16·CVSS 5.9
CVE-2022-4304 [MEDIUM] FreeBSD-SA-23:03.openssl: Multiple vulnerabilities in OpenSSL
FreeBSD-SA-23:03.openssl Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities in OpenSSL
Category: contrib
Module: openssl
Announced: 2023-02-16
Credits: See referenced OpenSSL advisory.
Affects: All supported versions of FreeBSD.
Corrected: 2023-02-07 22:38:40 UTC (stable/13, 13.1-STABLE)
2023-02-16 17:58:13 UTC (releng/13.1, 13.1-RELEASE-p7)
2023-02-07 23:09:41 UTC (stable/12, 12.4-STABLE)
2023-02-16 18:04:12 UTC (releng/12.4, 12.4-RELEASE-p2)
2023-02-16 18:03:37 UTC (releng/12.3, 12.3-RELEASE-p12)
CVE Name: CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .
I. Background
FreeBSD includes sof
Microsoft
X.400 address type confusion in X.509 GeneralName
vendor_msrc·2023-02-14·CVSS 7.4
CVE-2023-0286 [HIGH] CWE-843 X.400 address type confusion in X.509 GeneralName
X.400 address type confusion in X.509 GeneralName
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
openssl: openssl
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.m
Palo Alto
PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023
vendor_paloalto·2023-02-08·CVSS 4.9
CVE-2023-0286 [MEDIUM] PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023
PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023
The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSL vulnerabilities that were disclosed on February 7, 2023 (CVE-2023-0286, CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217, and CVE-2023-0401) as it relates to our products. At this time, there are no demonstrated scenarios that enable successful
CVEs: CVE-2022-4203, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0286, CVE-2023-0401
Affected products: Cortex Data, Cortex XDR, Cortex XSOAR, Cortex Xpanse, GlobalProtect, PAN-OS, Prisma Access, Prisma Cloud, Prisma SD
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2023-02-07·CVSS 7.5
CVE-2023-0286 [HIGH] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: Several security issues were fixed in OpenSSL.
USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
David Benjamin discovered that OpenSSL incorrectly handled X.400 address
processing. A remote attacker could possibly use this issue to read
arbitrary memory contents or cause OpenSSL to crash, resulting in a denial
of service. (CVE-2023-0286)
Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly
handled streaming ASN.1 data. A remote attacker could use this issue to
cause OpenSSL to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-0215)
Instructions: After a standard system updat
Red Hat
openssl: X.400 address type confusion in X.509 GeneralName
vendor_redhat·2023-02-07·CVSS 7.4
CVE-2023-0286 [HIGH] CWE-704 openssl: X.400 address type confusion in X.509 GeneralName
openssl: X.400 address type confusion in X.509 GeneralName
There is a type confusion vulnerability relating to X.400 address processing
inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but
the public structure definition for GENERAL_NAME incorrectly specified the type
of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by
the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an
ASN1_STRING.
When CRL checking is enabled (i.e. the application sets the
X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass
arbitrary pointers to a memcmp call, enabling them to read memory contents or
enact a denial of service. In most cases, the attack requires the attacker to
provide both the certificate chain and CRL, nei
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2023-02-07·CVSS 7.5
CVE-2023-0286 [HIGH] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: Several security issues were fixed in OpenSSL.
David Benjamin discovered that OpenSSL incorrectly handled X.400 address
processing. A remote attacker could possibly use this issue to read
arbitrary memory contents or cause OpenSSL to crash, resulting in a denial
of service. (CVE-2023-0286)
Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly
handled streaming ASN.1 data. A remote attacker could use this issue to
cause OpenSSL to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-0215)
Instructions: After a standard system update you need to reboot your computer to make all
the necessary changes.
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2023-02-07·CVSS 4.9
CVE-2023-0217 [MEDIUM] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: Several security issues were fixed in OpenSSL.
David Benjamin discovered that OpenSSL incorrectly handled X.400 address
processing. A remote attacker could possibly use this issue to read
arbitrary memory contents or cause OpenSSL to crash, resulting in a denial
of service. (CVE-2023-0286)
Corey Bonnell discovered that OpenSSL incorrectly handled X.509 certificate
verification. A remote attacker could possibly use this issue to cause
OpenSSL to crash, resulting in a denial of service. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-4203)
Hubert Kario discovered that OpenSSL had a timing based side channel in the
OpenSSL RSA Decryption implementation. A remote attacker could possibly use
this issue to recover sensitive inform
Debian
CVE-2023-0286: openssl - There is a type confusion vulnerability relating to X.400 address processing ins...
vendor_debian·2023·CVSS 7.4
CVE-2023-0286 [HIGH] CVE-2023-0286: openssl - There is a type confusion vulnerability relating to X.400 address processing ins...
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacke
OSV
edk2 regression
osv·2025-11-28·CVSS 7.4
CVE-2023-45236 [HIGH] edk2 regression
USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a
regression in the UEFI network boot. This update reverts the corresponding
fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation.
We apologize for the inconvenience.
Original advisory details:
It was discovered that EDK II was susceptible to a predictable TCP Initial
Sequence Number. An attacker could possibly use this issue to gain
unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu
24.04 LTS. (CVE-2023-45236, CVE-2023-45237)
It was discovered that EDK II incorrectly handled S3 sleep. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-1298)
It was discovered that
OSV
edk2 vulnerabilities
osv·2025-11-26·CVSS 7.4
CVE-2023-45236 [HIGH] edk2 vulnerabilities
It was discovered that EDK II was susceptible to a predictable TCP Initial
Sequence Number. An attacker could possibly use this issue to gain
unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu
24.04 LTS. (CVE-2023-45236, CVE-2023-45237)
It was discovered that EDK II incorrectly handled S3 sleep. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-1298)
It was discovered that the EDK II PE/COFF loader incorrectly handled
certain memory operations. An attacker could possibly use this issue to
cause a denial of service, obtain sensitive information, or execute
arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu
24.04 LTS. (CVE-2024-38
OSV
nodejs vulnerabilities
osv·2024-01-03·CVSS 5.9
CVE-2022-4304 [MEDIUM] nodejs vulnerabilities
Hubert Kario discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to obtain sensitive
information. (CVE-2022-4304)
CarpetFuzz, Dawei Wang discovered that Node.js incorrectly handled certain
inputs. If a user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2022-4450)
Octavio Galland and Marcel Böhme discovered that Node.js incorrectly handled
certain inputs. If a user or an automated system were tricked into opening a
specially crafted input file, a remote attacker could possibly use this issue
to cause a de
OSV
Vulnerable OpenSSL included in sgx-dcap-quote-verify-python
osv·2023-02-14·CVSS 7.4
[HIGH] Vulnerable OpenSSL included in sgx-dcap-quote-verify-python
sgx-dcap-quote-verify-python includes a statically linked copy of OpenSSL. The version of OpenSSL included in sgx-dcap-quote-verify-python 0.0.1..0.0.2 is vulnerable to a security issue. More details about the OpenSSL vulnerabilities themselves can be found at https://www.openssl.org/news/secadv/20230207.txt.
## Analysis
The binding includes OpenSSL version 1.1.1s which is vulnerable to the vulnerabilities disclosed in [OpenSSL Security Advisory from the 7th February 2023](https://www.openssl.org/news/secadv/20230207.txt).
The binding does not directly use OpenSSL. The binding calls the SGX Quote Verification Library which uses OpenSSL.
## Explanation
The SGX Quote Verification Library uses OpenSSL as a dependency to perform it
GHSA
Vulnerable OpenSSL included in sgx-dcap-quote-verify-python
ghsa·2023-02-14·CVSS 7.4
[HIGH] Vulnerable OpenSSL included in sgx-dcap-quote-verify-python
sgx-dcap-quote-verify-python includes a statically linked copy of OpenSSL. The version of OpenSSL included in sgx-dcap-quote-verify-python 0.0.1..0.0.2 is vulnerable to a security issue. More details about the OpenSSL vulnerabilities themselves can be found at https://www.openssl.org/news/secadv/20230207.txt.
## Analysis
The binding includes OpenSSL version 1.1.1s which is vulnerable to the vulnerabilities disclosed in [OpenSSL Security Advisory from the 7th February 2023](https://www.openssl.org/news/secadv/20230207.txt).
The binding does not directly use OpenSSL. The binding calls the SGX Quote Verification Library which uses OpenSSL.
## Explanation
The SGX Quote Verification Library uses OpenSSL as a dependency to perform it
OSV
CVE-2023-0286: There is a type confusion vulnerability relating to X
osv·2023-02-08·CVSS 7.4
CVE-2023-0286 [HIGH] CVE-2023-0286: There is a type confusion vulnerability relating to X
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacke
OSV
CVE-2023-0286: There is a type confusion vulnerability relating to X
osv·2023-02-08·CVSS 7.4
CVE-2023-0286 [HIGH] CVE-2023-0286: There is a type confusion vulnerability relating to X
There is a type confusion vulnerability relating to X.400 address processing
inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but
the public structure definition for GENERAL_NAME incorrectly specified the type
of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by
the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an
ASN1_STRING.
When CRL checking is enabled (i.e. the application sets the
X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass
arbitrary pointers to a memcmp call, enabling them to read memory contents or
enact a denial of service. In most cases, the attack requires the attacker to
provide both the certificate chain and CRL, neither of which need to have a
valid signature. If the attack
OSV
Vulnerable OpenSSL included in cryptography wheels
osv·2023-02-08
CVE-2023-0286 [HIGH] Vulnerable OpenSSL included in cryptography wheels
pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 0.8.1-39.0.0 are vulnerable to a security issue. More details about the vulnerabilities themselves can be found in https://www.openssl.org/news/secadv/20221213.txt and https://www.openssl.org/news/secadv/20230207.txt.
If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.
GHSA
Vulnerable OpenSSL included in cryptography wheels
ghsa·2023-02-08
CVE-2023-0286 [HIGH] CWE-843 Vulnerable OpenSSL included in cryptography wheels
pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 0.8.1-39.0.0 are vulnerable to a security issue. More details about the vulnerabilities themselves can be found in https://www.openssl.org/news/secadv/20221213.txt and https://www.openssl.org/news/secadv/20230207.txt.
If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.
OSV
X.400 address type confusion in X.509 `GeneralName`
osv·2023-02-07
CVE-2023-0286 X.400 address type confusion in X.509 `GeneralName`
There is a type confusion vulnerability relating to X.400 address processing
inside an X.509 `GeneralName`. X.400 addresses were parsed as an `ASN1_STRING` but
the public structure definition for `GENERAL_NAME` incorrectly specified the type
of the `x400Address` field as `ASN1_TYPE`. This field is subsequently interpreted by
the OpenSSL function `GENERAL_NAME_cmp` as an `ASN1_TYPE` rather than an
`ASN1_STRING`.
When CRL checking is enabled (i.e. the application sets the
`X509_V_FLAG_CRL_CHECK` flag), this vulnerability may allow an attacker to pass
arbitrary pointers to a `memcmp` call, enabling them to read memory contents or
enact a denial of service. In most cases, the attack requires the attacker to
provide both the certificate chai
OSV
openssl vulnerabilities
osv·2023-02-07·CVSS 7.5
CVE-2023-0286 [HIGH] openssl vulnerabilities
USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
David Benjamin discovered that OpenSSL incorrectly handled X.400 address
processing. A remote attacker could possibly use this issue to read
arbitrary memory contents or cause OpenSSL to crash, resulting in a denial
of service. (CVE-2023-0286)
Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly
handled streaming ASN.1 data. A remote attacker could use this issue to
cause OpenSSL to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-0215)
OSV
openssl vulnerabilities
osv·2023-02-07·CVSS 4.9
CVE-2023-0286 [MEDIUM] openssl vulnerabilities
David Benjamin discovered that OpenSSL incorrectly handled X.400 address
processing. A remote attacker could possibly use this issue to read
arbitrary memory contents or cause OpenSSL to crash, resulting in a denial
of service. (CVE-2023-0286)
Corey Bonnell discovered that OpenSSL incorrectly handled X.509 certificate
verification. A remote attacker could possibly use this issue to cause
OpenSSL to crash, resulting in a denial of service. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-4203)
Hubert Kario discovered that OpenSSL had a timing based side channel in the
OpenSSL RSA Decryption implementation. A remote attacker could possibly use
this issue to recover sensitive information. (CVE-2022-4304)
Dawei Wang discovered that OpenSSL incor
OSV
openssl1.0 vulnerabilities
osv·2023-02-07·CVSS 7.5
CVE-2023-0286 [HIGH] openssl1.0 vulnerabilities
David Benjamin discovered that OpenSSL incorrectly handled X.400 address
processing. A remote attacker could possibly use this issue to read
arbitrary memory contents or cause OpenSSL to crash, resulting in a denial
of service. (CVE-2023-0286)
Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly
handled streaming ASN.1 data. A remote attacker could use this issue to
cause OpenSSL to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-0215)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003
https://security.gentoo.org/glsa/202402-08
https://www.openssl.org/news/secadv/20230207.txt
Published: 2023-02-08