VDB
CVE-2023-45237
CVE-2023-45237
PUBLISHED
CVSS 5.300000190734863 MEDIUM
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.
EPSS 0.41% · 61.7th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
0.41%
61.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | B&R Industrial Automation GmbH PPC3100 <1.45 | |
| ABB | ABB APC4100 <1.09 | |
| ABB | ABB PPC1200 <1.14 | |
| ABB | ABB PPC2200 <1.35 | |
| ABB | B&R Industrial Automation GmbH APC2200 <1.35 | |
| ABB | B&R Industrial Automation GmbH APC910 <=1.25 | |
| ABB | B&R Industrial Automation GmbH APC4100 <1.09 | |
| ABB | B&R Industrial Automation GmbH MPC3100 <1.24 | |
| ABB | B&R Industrial Automation GmbH PPC2200 <1.35 | |
| ABB | B&R Industrial Automation GmbH PPC1200 <1.14 | |
| ABB | B&R Industrial Automation GmbH PPC900 <2.16 | |
| ABB | ABB APC910 <=1.25 | |
| ABB | ABB APC2200 <1.35 | |
| ABB | ABB PPC900 <2.16 | |
| ABB | B&R Industrial Automation GmbH APC3100 <1.45 | |
| ABB | ABB C80 <1.14 | |
| ABB | ABB APC3100 <1.45 | |
| ABB | ABB PPC3100 <1.45 | |
| ABB | B&R Industrial Automation GmbH C80 <1.14 | |
| ABB | ABB MPC3100 <1.24 |
Exploit Intelligence
Timeline
- Jan 16, 2024 CVE Published
- Jan 24, 2024 EPSS Score
- Feb 21, 2024 EPSS Score
- Mar 20, 2024 EPSS Score
- Apr 16, 2024 EPSS Score
- May 14, 2024 EPSS Score
- Jun 11, 2024 EPSS Score
- Jul 9, 2024 EPSS Score
- Aug 6, 2024 EPSS Score
- Sep 3, 2024 EPSS Score
- Sep 30, 2024 EPSS Score
- Oct 28, 2024 EPSS Score