Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for FDS102 for FAdC/FAdCi by Frauscher

    CVE-2023-5500 (GCVE-0-2023-5500)

    Vulnerability from nvd – Published: 2023-12-11 07:13 – Updated: 2024-08-02 07:59
    VLAI
    Title
    Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability
    Summary
    This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code ('Code Injection') to gain full control of the affected device.
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Frauscher FDS102 for FAdC/FAdCi Affected: 2.10.0 , ≤ 2.10.1 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:59:44.783Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-049/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FDS102 for FAdC/FAdCi",
              "vendor": "Frauscher",
              "versions": [
                {
                  "lessThanOrEqual": "2.10.1",
                  "status": "affected",
                  "version": "2.10.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code (\u0027Code Injection\u0027) to gain full control of the affected device."
                }
              ],
              "value": "This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code (\u0027Code Injection\u0027) to gain full control of the affected device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-11T07:13:51.308Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-049/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-049",
            "defect": [
              "CERT@VDE#64600"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-5500",
        "datePublished": "2023-12-11T07:13:51.308Z",
        "dateReserved": "2023-10-10T13:52:02.969Z",
        "dateUpdated": "2024-08-02T07:59:44.783Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5500 (GCVE-0-2023-5500)

    Vulnerability from cvelistv5 – Published: 2023-12-11 07:13 – Updated: 2024-08-02 07:59
    VLAI
    Title
    Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability
    Summary
    This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code ('Code Injection') to gain full control of the affected device.
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Frauscher FDS102 for FAdC/FAdCi Affected: 2.10.0 , ≤ 2.10.1 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:59:44.783Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-049/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FDS102 for FAdC/FAdCi",
              "vendor": "Frauscher",
              "versions": [
                {
                  "lessThanOrEqual": "2.10.1",
                  "status": "affected",
                  "version": "2.10.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code (\u0027Code Injection\u0027) to gain full control of the affected device."
                }
              ],
              "value": "This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code (\u0027Code Injection\u0027) to gain full control of the affected device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-11T07:13:51.308Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-049/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-049",
            "defect": [
              "CERT@VDE#64600"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-5500",
        "datePublished": "2023-12-11T07:13:51.308Z",
        "dateReserved": "2023-10-10T13:52:02.969Z",
        "dateUpdated": "2024-08-02T07:59:44.783Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }