INCIBECVE-2023-3768CVE-2023-3768
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
23.6%
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ingeteam | ingepac_da3451_firmware | - | cpe:2.3:o:ingeteam:ingepac_da3451_firmware:-:*:*:*:*:*:*:* |
| ingeteam | ingepac_da3451 | - | cpe:2.3:h:ingeteam:ingepac_da3451:-:*:*:*:*:*:*:* |
| ingeteam | ingepac_ef_md_firmware | - | cpe:2.3:o:ingeteam:ingepac_ef_md_firmware:-:*:*:*:*:*:*:* |
| ingeteam | ingepac_ef_md | - | cpe:2.3:h:ingeteam:ingepac_ef_md:-:*:*:*:*:*:*:* |
| ingeteam | ingepac_fc5066_firmware | - | cpe:2.3:o:ingeteam:ingepac_fc5066_firmware:-:*:*:*:*:*:*:* |
| ingeteam | ingepac_fc5066 | - | cpe:2.3:h:ingeteam:ingepac_fc5066:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "INGEPAC DA3451",
"vendor": "Ingeteam",
"versions": [
{
"status": "affected",
"version": "0.29.2.42"
}
]
}
]Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
23.6%