Lucene search
MitreCVE-2023-38405HistoryJul 17, 2023 - 9:15 p.m.
CVE-2023-38405
2023-07-1721:15:09
mitre
web.nvd.nist.gov
15
crestron
3-series
control systems
bacnet
packet
crash
cve-2023-38405
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
34.0%
On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash.
Affected configurations
Node
crestroncp3n_6505417_firmwareRange<1.8001.0187
crestroncp3n_6505417Match-
Node
crestroncp3_6504877_firmwareRange<1.8001.0187
crestroncp3_6504877Match-
Node
crestroncp3-gv_6506034_firmwareRange<1.8001.0187
crestroncp3-gv_6506034Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| crestron | cp3n_6505417_firmware | * | cpe:2.3:o:crestron:cp3n_6505417_firmware:*:*:*:*:*:*:*:* |
| crestron | cp3n_6505417 | - | cpe:2.3:h:crestron:cp3n_6505417:-:*:*:*:*:*:*:* |
| crestron | cp3_6504877_firmware | * | cpe:2.3:o:crestron:cp3_6504877_firmware:*:*:*:*:*:*:*:* |
| crestron | cp3_6504877 | - | cpe:2.3:h:crestron:cp3_6504877:-:*:*:*:*:*:*:* |
| crestron | cp3-gv_6506034_firmware | * | cpe:2.3:o:crestron:cp3-gv_6506034_firmware:*:*:*:*:*:*:*:* |
| crestron | cp3-gv_6506034 | - | cpe:2.3:h:crestron:cp3-gv_6506034:-:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2023-38405
2023-07-17 21:15:09
prion
prion
Code injection
2023-07-17 21:15:00
cvelist
cvelist
CVE-2023-38405
2023-07-17 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
34.0%
Related for CVE-2023-38405