Lucene search
K

Korenix JetNet Improper Verification of Cryptographic Signature (CVE-2023-5347)

🗓️ 16 Jan 2026 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 5 Views

Korenix JetNet update signature flaw allows replacing OS and trusted executables on older firmware.

Related
Refs
Code
ReporterTitlePublishedViews
Family
0day.today
Korenix JetNet Series Unauthenticated Access Exploit
16 Jan 202400:00
zdt
BDU FSTEC
The vulnerability of the TFTP microprogramming software for Korenix switches allows a intruder to cause a service failure.
15 Feb 202400:00
bdu_fstec
Circl
CVE-2023-5347
16 Jan 202419:16
circl
CNNVD
Korenix JetNet 2024/01 Security Vulnerability
9 Jan 202400:00
cnnvd
CVE
CVE-2023-5347
9 Jan 202409:54
cve
Cvelist
CVE-2023-5347 Unauthenticated Firmware Upgrade
9 Jan 202409:54
cvelist
EUVD
EUVD-2023-57664
3 Oct 202520:07
euvd
NVD
CVE-2023-5347
9 Jan 202410:15
nvd
OSV
CVE-2023-5347
9 Jan 202410:15
osv
Packet Storm
Korenix JetNet Series Unauthenticated Access
15 Jan 202400:00
packetstorm
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(504962);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/06");

  script_cve_id("CVE-2023-5347");

  script_name(english:"Korenix JetNet Improper Verification of Cryptographic Signature (CVE-2023-5347)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"An Improper Verification of Cryptographic Signature vulnerability in
the update process of Korenix JetNet Series allows replacing the whole
operating system including Trusted Executables. This issue affects
JetNet devices older than firmware version 2024/01.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?410e2a88");
  script_set_attribute(attribute:"see_also", value:"http://seclists.org/fulldisclosure/2024/Jan/11");
  # https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0f8ef61f");
  script_set_attribute(attribute:"see_also", value:"https://www.beijerelectronics.com/en/support/Help___online?docId=69947");
  # http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?410e2a88");
  script_set_attribute(attribute:"see_also", value:"http://seclists.org/fulldisclosure/2024/Jan/11");
  # https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0f8ef61f");
  script_set_attribute(attribute:"see_also", value:"https://www.beijerelectronics.com/en/support/Help___online?docId=69947");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-5347");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(327, 347);

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/01/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/01/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508-w_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508f-m_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508f-mw_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508f-s_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508f-sw_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508i-w_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508if-m_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508if-mw_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508if-s_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508if-sw_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5310g_firmware:2.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5612g-4f_firmware:1.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5612gp-4f_firmware:1.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5620g-4c_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5728g-24p-ac-2dc-eu_firmware:2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5728g-24p-ac-2dc-us_firmware:2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-2ac-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-2ac-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-2dc24_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-2dc48_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-ac-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-ac-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6628x-4f-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6628xp-4f-us_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6728g-24p-ac-2dc-eu_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6728g-24p-ac-2dc-us_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-2ac-au_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-2ac-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-2ac-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-2dc24_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-2dc48_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-ac-dc24-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-ac-dc24-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-ac-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6910g-m12_hvdc_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7310g-v2_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628x-4f-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628x-4f-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628xp-4f-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628xp-4f-eu_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628xp-4f-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628xp-4f-us_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7714g-m12_hvdc_firmware:1.0");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Korenix");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Korenix');

var asset = tenable_ot::assets::get(vendor:'Korenix');

var vuln_cpes = {
    "cpe:/o:korenix:jetnet_5310g_firmware:2.6" :
        {"versionEndIncluding" : "2.6", "versionStartIncluding" : "2.6", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508i-w_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508-w_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508if-s_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508if-m_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508if-sw_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508if-mw_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508f-m_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508f-s_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508f-mw_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508f-sw_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_5620g-4c_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_5612gp-4f_firmware:1.2" :
        {"versionEndIncluding" : "1.2", "versionStartIncluding" : "1.2", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_5612g-4f_firmware:1.2" :
        {"versionEndIncluding" : "1.2", "versionStartIncluding" : "1.2", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_5728g-24p-ac-2dc-us_firmware:2.1" :
        {"versionEndIncluding" : "2.1", "versionStartIncluding" : "2.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_5728g-24p-ac-2dc-eu_firmware:2.1" :
        {"versionEndIncluding" : "2.1", "versionStartIncluding" : "2.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-2ac-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-2ac-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-2dc24_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-2dc48_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-ac-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-ac-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6628xp-4f-us_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6628x-4f-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6728g-24p-ac-2dc-us_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6728g-24p-ac-2dc-eu_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-2dc48_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-2dc24_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-ac-dc24-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-2ac-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-ac-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-2ac-au_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-ac-dc24-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-2ac-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6910g-m12_hvdc_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7310g-v2_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628xp-4f-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628xp-4f-us_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628xp-4f-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628xp-4f-eu_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628x-4f-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628x-4f-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7714g-m12_hvdc_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

06 Feb 2026 00:00Current
8.3High risk
Vulners AI Score8.3
CVSS 3.19.1 - 9.8
EPSS0.01342
SSVC
5