CVE-2023-27410: Buffer Overflow
First published: Tue May 09 2023(Updated: )
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Scalance Lpe9403 Firmware | <2.1 | |
| Siemens Scalance Lpe9403 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-27410.
What is the affected software?
The affected software is SCALANCE LPE9403 (All versions < V2.1).
What is the severity of CVE-2023-27410?
The severity of CVE-2023-27410 is low.
What is the CWE ID for this vulnerability?
The CWE ID for this vulnerability is CWE-119 and CWE-122.
How can I fix the vulnerability?
To fix the vulnerability, update SCALANCE LPE9403 firmware to version 2.1 or higher.
- agent/last-modified-date
- agent/first-publish-date
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/siemens
- canonical/siemens scalance lpe9403 firmware
- canonical/siemens scalance lpe9403