VDB
CVE-2023-27408
CVE-2023-27408
PUBLISHED
CVSS 3.299999952316284 LOW
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex file is created with the permissions bits of `-rw-rw-rw-`. This file is used as a mutex for multiple applications interacting with i2c. This could allow an authenticated attacker with access to the SSH interface on the affected device to interfere with the integrity of the mutex and the data it protects.
EPSS 0.05% · 14.6th percentile
Risk Scores
CVSS 3.1
3.299999952316284
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
EPSS Score
0.05%
14.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SCALANCE LPE9403 | All versions < V2.1 |
| siemens | scalance_lpe9403_firmware | 0, 0 |
Exploit Intelligence
Timeline
- May 9, 2023 CVE Published
- May 10, 2023 EPSS Score
- Jun 16, 2023 EPSS Score
- Jul 23, 2023 EPSS Score
- Aug 28, 2023 EPSS Score
- Oct 4, 2023 EPSS Score
- Nov 10, 2023 EPSS Score
- Dec 17, 2023 EPSS Score
- Jan 22, 2024 EPSS Score
- Feb 28, 2024 EPSS Score
- Apr 5, 2024 EPSS Score
- May 12, 2024 EPSS Score
References
- https://cert-portal.siemens.com/productcert/html/ssa-516174.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-789345.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-555292.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-892048.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-325383.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-932528.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-473245.html advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-27408 advisory