CVE-2023-38523

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jul 20, 2023

Updated: Aug 1, 2023

CWE ID 306

Summary

CVE-2023-38523 reveals a vulnerability in multiple Samsung Harman AMX N-Series devices, including video encoders, decoders, and audio transceivers. The web interface of the affected devices does not require authentication to list the contents of the /tmp/ directory. This exposure puts sensitive information, such as command history and screenshots of processed files, at risk. Affected models include N-Series N1115, N1x22A, N1x33A, N1x33, N2x35, N2x35A, N2xx2, N2xx2A, N3000, and N4321, with versions before 1.15.61, 1.00.06, and 2.12.105, respectively.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sCtcwX
https://www.cve.org/CVERecord?id=CVE-2023-38523
https://nvd.nist.gov/vuln/detail/CVE-2023-38523

Back to Vulnerability Database

CVE-2023-38523

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations