ID |
CVE-2023-22357
|
Summary |
Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication. A remote unauthenticated attacker may read/write in arbitrary area of the device memory, which may lead to overwriting the firmware, causing a denial-of-service (DoS) condition, and/or arbitrary code execution. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | None |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
|
|
|
|
Impact |
Confidentiality | Integrity | Availability |
|
|
|
|
Last major update |
24-01-2023 - 21:00 |
Published |
17-01-2023 - 10:15 |
Last modified |
24-01-2023 - 21:00 |