CVE-2023-33365

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 3, 2023

Updated: Aug 9, 2023

CWE ID 22

Summary

CVE-2023-33365 is a newly disclosed vulnerability affecting Suprema BioStar 2 versions prior to 2.9.1. This issue permits unauthenticated attackers to exploit a path traversal weakness in the system, enabling them to retrieve arbitrary files from the server's web server. Successful exploitation could potentially lead to the exposure of sensitive data, posing a significant security risk. Organizations utilizing the Suprema BioStar 2 access control system are advised to upgrade to the latest version as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

BioStar

Affected Vendors

Suprema Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sNinAb
https://www.cve.org/CVERecord?id=CVE-2023-33365
https://nvd.nist.gov/vuln/detail/CVE-2023-33365

Back to Vulnerability Database