CVE-2023-5592

CWE-4943 documents3 sources
Severity
7.5HIGH
EPSS
0.1%
top 65.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Phoenix Contact MultiprogPhoenix Contact Proconos Eclr (sdk)
Timeline
PublishedDec 14

Description

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote attacker to download and execute applications without integrity checks on the device which may result in a complete loss of integrity.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
Phoenix Contact: ProConOs prone to Download of Code Without Integrity Check2023-12-14
GHSA
GHSA-f98h-m8p3-7jp3: Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated rem2023-12-14
CVE-2023-5592 (HIGH CVSS 7.5) | Download of Code Without Integrity | cvebase.io