Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-38405

On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash.

Published

2023-07-17T21:15:09.907

Last Modified

2024-11-21T08:13:29.980

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo
  • Type: Secondary
    CWE-770
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System crestron cp3n_6505417_firmware < 1.8001.0187 Yes
Hardware crestron cp3n_6505417 - No
Operating System crestron cp3_6504877_firmware < 1.8001.0187 Yes
Hardware crestron cp3_6504877 - No
Operating System crestron cp3-gv_6506034_firmware < 1.8001.0187 Yes
Hardware crestron cp3-gv_6506034 - No
References