CVE-2023-5347

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Jan 9, 2024

Updated: Jan 17, 2024

CWE ID 347

Summary

CVE-2023-5347 is a significant vulnerability affecting Korenix JetNet Series devices. The issue involves an Improper Verification of Cryptographic Signature in the update process, enabling attackers to replace the entire operating system, including trusted executables. This vulnerability poses a serious risk, as it can impact JetNet devices with firmware versions older than 2024/01. Successful exploitation of this vulnerability could lead to unauthorized system takeover and potential data breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Korenix Tech

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s4dPqk
https://www.cve.org/CVERecord?id=CVE-2023-5347
https://nvd.nist.gov/vuln/detail/CVE-2023-5347

Back to Vulnerability Database

CVE-2023-5347

CVSS 3.1 Score 9.1 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations