CVE-2023-5402

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 4, 2023

Updated: Oct 11, 2023

CWE ID 269

Summary

CVE-2023-5402 is a recently disclosed vulnerability classified as CWE-269: Improper Privilege Management. This issue allows an attacker to execute remote code when using the transfer command over a network. The vulnerability stems from insufficient privilege checks, enabling an unauthorized user to gain elevated access and potentially take control of the affected system. This security flaw poses a significant risk to organizations and individuals using the vulnerable software, requiring prompt patching to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Schneider Electric SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s4Yc3O
https://www.cve.org/CVERecord?id=CVE-2023-5402
https://nvd.nist.gov/vuln/detail/CVE-2023-5402

Back to Vulnerability Database

CVE-2023-5402

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations