CVE-2023-39172: SENEC: Storage Box V1,V2 and V3 transmitting sensitive data unencrypted
First published: Thu Dec 07 2023(Updated: )
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic.
Credit: info@cert.vde.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Enbw Senec Storage Box Firmware | ||
| Enbw Senec Storage Box | =v1 | |
| All of | ||
| Enbw Senec Storage Box Firmware | ||
| Enbw Senec Storage Box | =v2 | |
| All of | ||
| Enbw Senec Storage Box Firmware | ||
| Enbw Senec Storage Box | =v3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-39172?
CVE-2023-39172 has a medium severity level due to the potential for sensitive information transmission without encryption.
How do I fix CVE-2023-39172?
To address CVE-2023-39172, ensure that devices use encryption protocols to secure the transmission of sensitive information.
What devices are affected by CVE-2023-39172?
CVE-2023-39172 affects Enbw Senec Storage Box devices that utilize vulnerable firmware.
Can CVE-2023-39172 be exploited remotely?
Yes, CVE-2023-39172 can be exploited by remote unauthenticated attackers who can capture and modify the unencrypted network traffic.
What type of information is at risk with CVE-2023-39172?
CVE-2023-39172 puts sensitive information at risk as it is transmitted over the network without encryption.
- collector/mitre-cve
- collector/nvd-api
- agent/references
- agent/type
- vendor/enbw
- canonical/enbw senec storage box firmware
- canonical/enbw senec storage box
- version/enbw senec storage box/v1
- version/enbw senec storage box/v2
- version/enbw senec storage box/v3