CVE-2023-37373
First published: Tue Aug 08 2023(Updated: )
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications accept unauthenticated file write messages. An unauthenticated remote attacker could write arbitrary files to the affected application's file system.
Credit: productcert@siemens.com productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens RUGGEDCOM CROSSBOW | <5.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this RUGGEDCOM CROSSBOW vulnerability?
The vulnerability ID for this RUGGEDCOM CROSSBOW vulnerability is CVE-2023-37373.
What is the severity of CVE-2023-37373?
The severity of CVE-2023-37373 is high with a score of 7.5.
What is the affected software for CVE-2023-37373?
The affected software for CVE-2023-37373 is Siemens Ruggedcom Crossbow (All versions < V5.4).
How does CVE-2023-37373 affect the affected applications?
CVE-2023-37373 allows unauthenticated remote attackers to write arbitrary files to the affected application's file system.
Is there a fix available for CVE-2023-37373?
Yes, updating to version V5.4 or later of Siemens Ruggedcom Crossbow will fix CVE-2023-37373.
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- vendor/siemens
- canonical/siemens ruggedcom crossbow