CVE-2023-40459

Summary

CVE-2023-40459 is a vulnerability affecting the ACEManager component of ALEOS 4.16 and earlier versions. The issue involves inadequate input sanitization during authentication, which could lead to a Denial of Service (DoS) condition for ACEManager. This DoS attack does not impact other router functions, but ACEManager recovers from the condition by restarting within ten seconds of becoming unavailable. This weakness could potentially be exploited by malicious actors to disrupt network services. Users are advised to update their ALEOS software to a patched version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.