CVE-2023-40252

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 17, 2023

Updated: Aug 29, 2023

CWE ID 94

Summary

CVE-2023-40252 is a Code Injection vulnerability affecting multiple Genians products, including Genian NAC V4.0, Genian NAC V5.0, Genian NAC Suite V5.0, and Genian ZTNA. The flaw allows an attacker to replace trusted executables, potentially leading to unauthorized code execution. Affected versions of Genian NAC V4.0 range from V4.0.0 to V4.0.155; Genian NAC V5.0, from V5.0.0 to V5.0.42 (Revision 117460); Genian NAC Suite V5.0, from V5.0.0 to V5.0.54; and Genian ZTNA, from V6.0.0 to V6.0.15. Successful exploitation of this vulnerability could result in significant security risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Genians

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sTEt7Y
https://www.cve.org/CVERecord?id=CVE-2023-40252
https://nvd.nist.gov/vuln/detail/CVE-2023-40252

Back to Vulnerability Database

CVE-2023-40252

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations