HIGH🇵🇱 Wersja polska

CVE-2023-43488

CVSS 7.9v3.1pub. 2023-10-25upd. 2024-11-21

The vulnerability allows a low privileged (untrusted) application to modify a critical system property that should be denied, in order to enable the ADB (Android Debug Bridge) protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without requiring the physical access through USB.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L
  • Boschrexroth Ctrlx Hmi Web Panel Wr2107

    HW
    Boschrexroth
    wszystkie wersje
  • Boschrexroth Ctrlx Hmi Web Panel Wr2107 Firmware

    OS
    Boschrexroth
    wszystkie wersje
  • Boschrexroth Ctrlx Hmi Web Panel Wr2110

    HW
    Boschrexroth
    wszystkie wersje
  • Boschrexroth Ctrlx Hmi Web Panel Wr2110 Firmware

    OS
    Boschrexroth
    wszystkie wersje
  • Boschrexroth Ctrlx Hmi Web Panel Wr2115

    HW
    Boschrexroth
    wszystkie wersje
  • Boschrexroth Ctrlx Hmi Web Panel Wr2115 Firmware

    OS
    Boschrexroth
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-46102HIGH8.8ten sam produkt

The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker to exchange me...

CVE-2023-41372HIGH7.8ten sam produkt

The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify the server s...

CVE-2023-41960HIGH7.1ten sam produkt

The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provide...

CVE-2023-45220HIGH8.8ten sam produkt

The Android Client application, when enrolled with the define method 1(the user manually inserts the server ip...

CVE-2023-45321HIGH8.3ten sam produkt

The Android Client application, when enrolled with the define method 1 (the user manually inserts the server ...