CVE-2023-41966

MITJÀ: (6,5)

CVSS3: 5,7

Sielco Radio Link and Analog FM Transmitters podrien permetre a un atacant remot autenticat obtenir privilegis elevats del sistema. Mitjançant l’enviament d’un POST HTTP per establir un paràmetre, l’atacant podria explotar aquesta vulnerabilitat per elevar privilegis.

Sistemes Afectats

• Sielco Analog FM transmitter 2.12 (EXC5000GX)
• Sielco Analog FM transmitter 2.12 (EXC120GX)
• Sielco Analog FM transmitter 2.11 (EXC300GX)
• Sielco Analog FM transmitter 2.10 (EXC1600GX)
• Sielco Analog FM transmitter 2.10 (EXC2000GX)
• Sielco Analog FM transmitter 2.08 (EXC1600GX)
• Sielco Analog FM transmitter 2.08 (EXC1000GX)
• Sielco Analog FM transmitter 2.07 (EXC3000GX)
• Sielco Analog FM transmitter 2.06 (EXC5000GX)
• Sielco Analog FM transmitter 1.7.7 (EXC30GT)
• Sielco Analog FM transmitter 1.7.4 (EXC300GT)
• Sielco Analog FM transmitter 1.7.4 (EXC100GT)
• Sielco Analog FM transmitter 1.7.4 (EXC5000GT)
• Sielco Analog FM transmitter 1.6.3 (EXC1000GT)
• Sielco Analog FM transmitter 1.5.4 (EXC120GT)
• Sielco Radio Link 2.06 (RTX19)
• Sielco Radio Link 2.05 (RTX19)
• Sielco Radio Link 2.00 (EXC19)
• Sielco Radio Link 1.60 (RTX19)
• Sielco Radio Link 1.59 (RTX19)
• Sielco Radio Link 1.55 (EXC19)

Remediació
No hi ha recursos disponibles amb data 26 d’octubre del 2023.

Referències

• https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08
• https://www.sielco.org/en/contacts
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41966