CVE-2023-5253

Summary

CVE-2023-5253 is a vulnerability that affects the Check Point IoT integration in Nozomi Networks Guardian and CMC. It is categorized as a missing authentication check in the WebSocket channel, which could allow an unauthenticated attacker to obtain asset data without authentication. This vulnerability has a base severity of MEDIUM and a base score of 5.3 according to the CVSS 3.1 scoring system. The affected products include sW38QU, tzumCh, tzul2x, sW38QV, uPXti3, tzumCi, uPXti2, edmJ37, oPRGAi, uPXti5, oPRGAj, and uPXti4. The potential danger of this vulnerability lies in malicious unauthenticated users being able to extract asset information if they have knowledge of the underlying system. It is recommended to apply remediation measures promptly to mitigate the risk associated with this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.