Lucene search

[email protected]CVE-2023-3495

HistoryAug 23, 2023 - 2:15 a.m.

CVE-2023-3495

2023-08-2302:15:08

CWE-787

[email protected]

web.nvd.nist.gov

hitachi eh-view

keypaddesigner

vulnerability

out-of-bounds write

local attack

arbitrary code

nvd

cve-2023-3495

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.7%

JSON

UNSUPPORTED WHEN ASSIGNED Out-of-bounds Write vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Affected configurations

NVD

Node

hitachieh-viewMatch-

CPENameOperatorVersion
hitachi:eh-viewhitachi eh-vieweq-

CPE	Name	Operator	Version
hitachi:eh-view	hitachi eh-view	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "KeypadDesigner"
    ],
    "product": "EH-VIEW",
    "vendor": "Hitachi",
    "versions": [
      {
        "lessThan": "*",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/hirt/hitachi-sec/2023/002.html

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.7%

JSON

Related for CVE-2023-3495

prion1 nvd1 cvelist1