Lucene search
IcscertCVE-2023-49610HistoryFeb 01, 2024 - 11:15 p.m.
CVE-2023-49610
2024-02-0123:15:10
CWE-20
icscert
web.nvd.nist.gov
15
cve
2023
49610
machinesense
feverwarn
raspberry pi
input sanitization
command injection
stack overflow
vulnerability
CVSS3
8.1
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
8.2
Confidence
High
EPSS
0.001
Percentile
21.8%
MachineSense FeverWarn Raspberry Pi-based devices lack input sanitization, which could allow an attacker on an adjacent network to send a message running commands or could overflow the stack.
Affected configurations
Node
machinesensefeverwarn_firmwareMatch-
machinesensefeverwarnMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| machinesense | feverwarn_firmware | - | cpe:2.3:o:machinesense:feverwarn_firmware:-:*:*:*:*:*:*:* |
| machinesense | feverwarn | - | cpe:2.3:h:machinesense:feverwarn:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "FeverWarn",
"vendor": "MachineSense",
"versions": [
{
"status": "affected",
"version": "ESP32"
},
{
"status": "affected",
"version": "RaspberryPi"
},
{
"status": "affected",
"version": "DataHub RaspberryPi"
}
]
}
]Related
cvelist
cvelist
CVE-2023-49610 MachineSense FeverWarn Improper Input Validation
2024-02-01 22:35:12
prion
prion
Buffer overflow
2024-02-01 23:15:00
nvd
nvd
CVE-2023-49610
2024-02-01 23:15:10
ics
ics
MachineSense FeverWarn
2024-01-25 12:00:00
CVSS3
8.1
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
8.2
Confidence
High
EPSS
0.001
Percentile
21.8%
Related for CVE-2023-49610