Vulnetix
Try Vulnetix Request Demo
CVE-2023-5347 PUBLISHED CVSS 9.800000190734863 CRITICAL

An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.

EPSS 0.17% · 38.6th percentile

Risk Scores

CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.17%
38.6th percentile

Affected Products

VendorProductVersions
korenixjetnet_7628xp-4f-us_firmware1.1, 1.0, 1.1
korenixjetnet_4508f-s_firmware2.3, 2.3, 2.3
korenixjetnet_4508if-mw_firmware1.3, 1.3, 1.3
korenixjetnet_6528gf-2dc24_firmware1.0, 1.0, 1.0
korenixjetnet_4508_firmware2.3, 2.3, 2.3
korenixjetnet_6628x-4f-eu_firmware1.0, 1.0, 1.0
korenixjetnet_6528gf-ac-eu_firmware1.0, 1.0, 1.0
korenixjetnet_5310g_firmware2.6, 2.6, 2.6
korenixjetnet_5612g-4f_firmware1.2, 1.2, 1.2
korenixjetnet_5620g-4c_firmware1.1, 1.1, 1.1
korenixjetnet_6910g-m12_hvdc_firmware1.0, 1.0, 1.0
korenixjetnet_4508i-w_firmware1.3, 1.3, 1.3
korenixjetnet_5612gp-4f_firmware1.2, 1.2, 1.2
korenixjetnet_6828gf-2ac-eu_firmware1.0, 1.0, 1.0
korenixjetnet_4508f-sw_firmware2.3, 2.3, 2.3
korenixjetnet_6628xp-4f-us_firmware1.1, 1.1, 1.1
korenixjetnet_6828gf-2dc48_firmware1.0, 1.0, 1.0
KorenixJetNet Seriesfirmware older than 2024/01, firmware older than 2024/01, firmware older than 2024/01
korenixjetnet_6528gf-ac-us_firmware1.0, 1.0, 1.0
korenixjetnet_6528gf-2ac-eu_firmware1.0, 1.0, 1.0

…and 23 more

Timeline

References

Open in Interactive Console →