Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-27408

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex file is created with the permissions bits of `-rw-rw-rw-`. This file is used as a mutex for multiple applications interacting with i2c. This could allow an authenticated attacker with access to the SSH interface on the affected device to interfere with the integrity of the mutex and the data it protects.

Published

2023-05-09T13:15:16.727

Last Modified

2024-11-21T07:52:51.213

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 3.3 (LOW)

Weaknesses

Type: Primary
CWE-378

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	scalance_lpe9403_firmware	< 2.1	Yes
Hardware	siemens	scalance_lpe9403	-	No

References

https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf Vendor Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)