VDB
CVE-2023-27410
CVE-2023-27410
PUBLISHED
CVSS 2.700000047683716 LOW
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service.
EPSS 0.41% · 61.7th percentile
Risk Scores
CVSS v3.1
2.700000047683716
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
EPSS Score
0.41%
61.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SCALANCE LPE9403 | All versions < V2.1 |
| siemens | scalance_lpe9403_firmware | 0, 0 |
Timeline
- May 9, 2023 CVE Published
- May 10, 2023 EPSS Score
- Jun 16, 2023 EPSS Score
- Jul 22, 2023 EPSS Score
- Aug 28, 2023 EPSS Score
- Oct 4, 2023 EPSS Score
- Nov 9, 2023 EPSS Score
- Dec 16, 2023 EPSS Score
- Jan 22, 2024 EPSS Score
- Feb 28, 2024 EPSS Score
- Apr 4, 2024 EPSS Score
- May 11, 2024 EPSS Score
References
- https://cert-portal.siemens.com/productcert/html/ssa-516174.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-789345.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-555292.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-892048.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-325383.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-932528.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-473245.html advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-27410 advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf url