First published: Wed Nov 15 2023(Updated: )
A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow modified firmware to be uploaded when an authorized admin user begins a firmware update procedure.
|Affected Software||Affected Version||How to fix|
|Schneider-electric Ion8650 Firmware|
|Schneider-electric Ion8800 Firmware|
CVE-2023-5984 is a CWE-494 Download of Code Without Integrity Check vulnerability that allows modified firmware to be uploaded during a firmware update procedure.
Schneider-electric Ion8650 Firmware and Schneider-electric Ion8800 Firmware are affected by CVE-2023-5984.
CVE-2023-5984 has a severity rating of 7.2 (high).
The CVE-2023-5984 vulnerability can be exploited by an authorized admin user starting a firmware update procedure.
Schneider-electric Ion8650 is vulnerable to CVE-2023-5984, while Schneider-electric Ion8800 is not vulnerable.