CVE-2023-27408
First published: Tue May 09 2023(Updated: )
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex file is created with the permissions bits of `-rw-rw-rw-`. This file is used as a mutex for multiple applications interacting with i2c. This could allow an authenticated attacker with access to the SSH interface on the affected device to interfere with the integrity of the mutex and the data it protects.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| siemens scalance lpe9403 firmware | <2.1 | |
| siemens scalance lpe9403 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-27408.
What is the severity of CVE-2023-27408?
The severity of CVE-2023-27408 is low.
What is the affected software for CVE-2023-27408?
The affected software for CVE-2023-27408 is SCALANCE LPE9403 (All versions < V2.1).
How can an attacker exploit CVE-2023-27408?
An authenticated attacker with access to the SSH interface can exploit CVE-2023-27408.
Is there a fix available for CVE-2023-27408?
Yes, upgrading to version 2.1 or newer of SCALANCE LPE9403 firmware will fix CVE-2023-27408.
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/author
- agent/weakness
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- agent/event
- agent/source
- vendor/siemens
- canonical/siemens scalance lpe9403 firmware
- canonical/siemens scalance lpe9403