Lucene search

[email protected]CVE-2023-37220

HistorySep 03, 2023 - 2:15 p.m.

CVE-2023-37220

2023-09-0314:15:41

CWE-494

[email protected]

web.nvd.nist.gov

cve-2023-37220

synel terminals

cwe-494

download of code

integrity check

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.1%

JSON

Synel Terminals - CWE-494: Download of Code Without Integrity Check

Affected configurations

NVD

Node

synelsynergy\/aMatch-

AND

synelsynergy\/a_firmwareRange<3015.1

Node

synelsynergy_touchMatch-

AND

synelsynergy_touch_firmwareRange<3015.1

Node

synelsynergy_10Match-

AND

synelsynergy_10_firmwareRange<3015.1

Node

synelsynergy_5Match-

AND

synelsynergy_5_firmwareRange<3015.1

Node

synelsy-910Match-

AND

synelsy-910_firmwareRange<3015.1

Node

synelsynergy\/xMatch-

AND

synelsynergy\/x_firmwareRange<3015.1

Node

synelsy110_faceMatch-

AND

synelsy110_face_firmwareRange<3015.1

Node

synelbioentry-w2Match-

AND

synelbioentry-w2_firmwareRange<3015.1

Node

synelbiolite-n2_firmwareRange<3015.1

AND

synelbiolite-n2Match-

Node

synelbioentry_p2_firmwareRange<3015.1

AND

synelbioentry_p2Match-

Node

synelsy-711_firmwareRange<3015.1

AND

synelsy-711Match-

Node

synelsy-715_firmwareRange<3015.1

AND

synelsy-715Match-

Node

synelsy-751_firmwareRange<3015.1

AND

synelsy-751Match-

Node

synelsy-755_firmwareRange<3015.1

AND

synelsy-755Match-

Node

synelsy-777_firmwareRange<3015.1

AND

synelsy-777Match-

Node

synelsy-785_firmwareRange<3015.1

AND

synelsy-785Match-

Node

synelsy-765_firmwareRange<3015.1

AND

synelsy-765Match-

Node

synelsy-7500_firmwareRange<3015.1

AND

synelsy-7500Match-

Node

synelsy-745_firmwareRange<3015.1

AND

synelsy-745Match-

Node

synelsy-780_firmwareRange<3015.1

AND

synelsy-780Match-

Node

synelsynergy_firmwareRange<3015.1

AND

synelsynergyMatch-

CPENameOperatorVersion
synel:synergy\/a_firmwaresynel synergy/a firmwarelt3015.1

CPE	Name	Operator	Version
synel:synergy\/a_firmware	synel synergy/a firmware	lt	3015.1

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Terminals",
    "vendor": "Synel ",
    "versions": [
      {
        "lessThan": "Upgrade to version 3015.1",
        "status": "affected",
        "version": "All versions",
        "versionType": "custom"
      }
    ]
  }
]

References

www.gov.il/en/Departments/faq/cve_advisories

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.1%

JSON

Related for CVE-2023-37220

prion1 cvelist1 nvd1