Lucene search

[email protected]NVD:CVE-2023-47304

HistoryDec 05, 2023 - 4:15 a.m.

CVE-2023-47304

2023-12-0504:15:07

CWE-287

[email protected]

web.nvd.nist.gov

vonage

uart

authentication

bypass

memory

device

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device.

Affected configurations

NVD

Node

vonagevdv23_firmwareMatchvdv21-3.2.11-0.5.1

AND

vonagevdv23Match-

References

trojanhorsey.substack.com/p/cve-2023-47304-unsecured-uart-in

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-47304

prion1 cvelist1 cve1