Lucene search

[email protected]NVD:CVE-2023-24500

HistoryApr 17, 2023 - 10:15 p.m.

CVE-2023-24500

2023-04-1722:15:08

[email protected]

web.nvd.nist.gov

electra central

ac unit

unauthorized fw

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

Percentile

15.5%

JSON

Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW.

Affected configurations

Nvd

Node

electra-aircentral_ac_unitMatch-

AND

electra-aircentral_ac_unit_firmwareMatchv7

electra-aircentral_ac_unit_firmwareMatchv8

VendorProductVersionCPE
electra-aircentral_ac_unit-cpe:2.3:h:electra-air:central_ac_unit:-:*:*:*:*:*:*:*
electra-aircentral_ac_unit_firmwarev7cpe:2.3:o:electra-air:central_ac_unit_firmware:v7:*:*:*:*:*:*:*
electra-aircentral_ac_unit_firmwarev8cpe:2.3:o:electra-air:central_ac_unit_firmware:v8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
electra-air	central_ac_unit	-	cpe:2.3:h:electra-air:central_ac_unit:-:::::::*
electra-air	central_ac_unit_firmware	v7	cpe:2.3:o:electra-air:central_ac_unit_firmware:v7:::::::*
electra-air	central_ac_unit_firmware	v8	cpe:2.3:o:electra-air:central_ac_unit_firmware:v8:::::::*

References

www.gov.il/en/Departments/faq/cve_advisories

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

Percentile

15.5%

JSON

Related for NVD:CVE-2023-24500

cvelist1 prion1 cve1