Lucene search
HistoryJul 17, 2023 - 9:15 p.m.
CVE-2023-38405
cve-2023-38405
bacnet packet
system crash
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
34.0%
On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash.
Affected configurations
Node
crestroncp3n_6505417_firmwareRange<1.8001.0187
crestroncp3n_6505417Match-
Node
crestroncp3_6504877_firmwareRange<1.8001.0187
crestroncp3_6504877Match-
Node
crestroncp3-gv_6506034_firmwareRange<1.8001.0187
crestroncp3-gv_6506034Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| crestron | cp3n_6505417_firmware | * | cpe:2.3:o:crestron:cp3n_6505417_firmware:*:*:*:*:*:*:*:* |
| crestron | cp3n_6505417 | - | cpe:2.3:h:crestron:cp3n_6505417:-:*:*:*:*:*:*:* |
| crestron | cp3_6504877_firmware | * | cpe:2.3:o:crestron:cp3_6504877_firmware:*:*:*:*:*:*:*:* |
| crestron | cp3_6504877 | - | cpe:2.3:h:crestron:cp3_6504877:-:*:*:*:*:*:*:* |
| crestron | cp3-gv_6506034_firmware | * | cpe:2.3:o:crestron:cp3-gv_6506034_firmware:*:*:*:*:*:*:*:* |
| crestron | cp3-gv_6506034 | - | cpe:2.3:h:crestron:cp3-gv_6506034:-:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2023-07-17 21:15:00
cvelist
cvelist
CVE-2023-38405
2023-07-17 00:00:00
cve
cve
CVE-2023-38405
2023-07-17 21:15:09
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
34.0%
Related for NVD:CVE-2023-38405