CVE-2023-38405
First published: Mon Jul 17 2023(Updated: )
On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Crestron Cp3n 6505417 Firmware | <1.8001.0187 | |
| Crestron Cp3n 6505417 | ||
| Crestron Cp3 6504877 Firmware | <1.8001.0187 | |
| Crestron Cp3 6504877 | ||
| Crestron Cp3-gv 6506034 Firmware | <1.8001.0187 | |
| Crestron Cp3-gv 6506034 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Crestron vulnerability?
The vulnerability ID for this Crestron vulnerability is CVE-2023-38405.
What is the severity level of CVE-2023-38405?
The severity level of CVE-2023-38405 is high.
How does CVE-2023-38405 affect Crestron control systems?
CVE-2023-38405 affects Crestron 3-Series Control Systems before 1.8001.0187, causing a crash when a specific BACnet packet is crafted and sent.
Which Crestron control systems are affected by CVE-2023-38405?
Crestron 3-Series Control Systems before 1.8001.0187 are affected by CVE-2023-38405.
How can I fix CVE-2023-38405?
To fix CVE-2023-38405, users should update their Crestron 3-Series Control Systems to version 1.8001.0187 or newer.
- collector/nvd-latest
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- vendor/crestron
- canonical/crestron cp3n 6505417 firmware
- canonical/crestron cp3n 6505417
- canonical/crestron cp3 6504877 firmware
- canonical/crestron cp3 6504877
- canonical/crestron cp3-gv 6506034 firmware
- canonical/crestron cp3-gv 6506034