Code injection

2023-12-1107:15:00

PRIOn knowledge base

www.prio-n.com

code injection

remote attacker

low privileges

improper control

generation of code

nvd

7.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

33.6%

JSON

This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code (‘Code Injection’) to gain full control of the affected device.

CPENameOperatorVersion
frauscher_diagnostic_system_102ge2.10.0
frauscher_diagnostic_system_102lt2.10.2
frauscher_diagnostic_system_102ge2.10.0
frauscher_diagnostic_system_102lt2.10.2

Name	Operator	Version
frauscher_diagnostic_system_102	ge	2.10.0
frauscher_diagnostic_system_102	lt	2.10.2
frauscher_diagnostic_system_102	ge	2.10.0
frauscher_diagnostic_system_102	lt	2.10.2

References

cert.vde.com/en/advisories/VDE-2023-049/