CVE-2023-25367

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 14, 2023

Updated: Jun 28, 2023

Summary

CVE-2023-25367 is a newly disclosed vulnerability affecting Siglent SDS 1104X-E oscilloscopes running version SDS1xx4X-E_V6.1.37R9.ADS. This issue permits unfiltered user input via the SCPI interface or web server, exposing a potential Remote Code Execution (RCE) risk. An attacker could exploit this bug by sending malicious commands, leading to arbitrary code execution and potential system compromise. Users are advised to update their devices to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ro_NjP
https://www.cve.org/CVERecord?id=CVE-2023-25367
https://nvd.nist.gov/vuln/detail/CVE-2023-25367

Back to Vulnerability Database

CVE-2023-25367

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations