CVE-2023-27410
published 2023-05-09CVE-2023-27410: A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app`…
low2.7CVSS 3.1
AVNACLPRHUINSUCNINAL
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | scalance_lpe9403 | — | — |
| siemens | scalance_lpe9403_firmware | < 2.1 | 2.1 |