CVE-2023-27309
published 2023-03-14CVE-2023-27309: A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to perform unauthorized actions.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | ruggedcom_crossbow | < 5.2 | 5.2 |
| siemens | ruggedcom_crossbow | — | — |