Vulnerability Description
The listed versions of Nexx Smart Home devices could allow any user to register an already registered alarm or associated device with only the device’s MAC address.
CVSS Score
8.1
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Getnexx | Nxal-100 Firmware | <= nxal100v-p1-9-1 |
| Getnexx | Nxal-100 | - |
| Getnexx | Nxg-100B Firmware | <= nxg100bv-p3-4-1 |
| Getnexx | Nxg-100B | - |
| Getnexx | Nxpg-100W Firmware | <= nxpg100cv4-0-0 |
| Getnexx | Nxpg-100W | - |
| Getnexx | Nxg-200 Firmware | <= nxg200v-p3-4-1 |
| Getnexx | Nxg-200 | - |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-094-01Third Party AdvisoryUS Government Resource
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-094-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2023-1752?
CVE-2023-1752 is a vulnerability with a CVSS score of 8.1 (HIGH). The listed versions of Nexx Smart Home devices could allow any user to register an already registered alarm or associated device with only the device’s MAC address.
How severe is CVE-2023-1752?
CVE-2023-1752 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-1752?
Check the references section above for vendor advisories and patch information. Affected products include: Getnexx Nxal-100 Firmware, Getnexx Nxal-100, Getnexx Nxg-100B Firmware, Getnexx Nxg-100B, Getnexx Nxpg-100W Firmware.