{"vulnerability": "CVE-2023-24011", "sightings": [{"uuid": "bdbca632-e419-48bd-b104-2c74783c94de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24011", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113799182800435761", "content": "", "creation_timestamp": "2025-01-09T15:48:48.501221Z"}, {"uuid": "f89c6e55-170f-4675-988b-961bfec874d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24011", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113798913121113388", "content": "", "creation_timestamp": "2025-01-09T14:40:11.384741Z"}, {"uuid": "b30d4eb2-e90a-4e24-82aa-9591efd1f956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24011", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcxttiiq42i", "content": "", "creation_timestamp": "2025-01-09T15:15:42.916963Z"}, {"uuid": "0b3a0682-d43d-48b3-8e69-506d2adc8114", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24011", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfcz4mlo4o25", "content": "", "creation_timestamp": "2025-01-09T15:38:34.173318Z"}, {"uuid": "2454509e-edc1-47ad-bc49-4492f7e8e185", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24011", "type": "seen", "source": "https://t.me/cvedetector/14851", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-24011 - Siemens Industrial Automation ROS 2 DDS PKCS7 Certificate Validation_chain Execution Bypass\", \n  \"Content\": \"CVE ID : CVE-2023-24011 \nPublished : Jan. 9, 2025, 3:15 p.m. | 39\u00a0minutes ago \nDescription : An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate\u2019s validation. This is caused by a non-compliant implementation of permission document verification used by some DDS vendors. Specifically, an improper use of the OpenSSL PKCS7_verify function used to validate S/MIME signatures. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T16:55:42.000000Z"}]}