Lucene search
HistorySep 05, 2014 - 5:55 p.m.
CVE-2014-2378
7.6 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
PARTIAL
AV:A/AC:M/Au:N/C:C/I:C/A:P
7.7 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
82.1%
Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not verify the integrity of downloaded updates, which allows remote attackers to execute arbitrary code via a Trojan horse update.
Affected configurations
Node
sensysnetworkstrafficdotRange≤2.10.2
ORsensysnetworkstrafficdotMatch2.8.3
ORsensysnetworkstrafficdotMatch2.10.0
ORsensysnetworkstrafficdotMatch2.10.1
sensysnetworksvsn240-fMatch-
ORsensysnetworksvsn240-tMatch-
Node
sensysnetworksvdsRange≤2.10.0
ORsensysnetworksvdsMatch1.8.5
ORsensysnetworksvdsMatch1.8.7
ORsensysnetworksvdsMatch2.6.3
ORsensysnetworksvdsMatch2.6.4
sensysnetworksvsn240-fMatch-
ORsensysnetworksvsn240-tMatch-
Related
cve
cve
CVE-2014-2378
2014-09-05 17:55:06
prion
prion
Code injection
2014-09-05 17:55:00
cvelist
cvelist
CVE-2014-2378
2014-09-05 17:00:00
ics
ics
Sensys Networks Traffic Sensor Vulnerabilities (Update A)
2014-10-28 12:00:00
7.6 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
PARTIAL
AV:A/AC:M/Au:N/C:C/I:C/A:P
7.7 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
82.1%
Related for NVD:CVE-2014-2378