Vulnerability Description
The update process in OMICRON StationGuard and OMICRON StationScout before 2.21 can be exploited by providing a modified firmware update image. This allows a remote attacker to gain root access to the system.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Omicronenergy | Stationguard | <= 2.20 |
| Omicronenergy | Stationscout | <= 2.20 |
Related Weaknesses (CWE)
References
- https://www.omicronenergy.com/en/support/product-security/Vendor Advisory
- https://www.omicronenergy.com/fileadmin/user_upload/website/files/product-securiVendor Advisory
- https://www.omicronenergy.com/en/support/product-security/Vendor Advisory
- https://www.omicronenergy.com/fileadmin/user_upload/website/files/product-securiVendor Advisory
FAQ
What is CVE-2023-28610?
CVE-2023-28610 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The update process in OMICRON StationGuard and OMICRON StationScout before 2.21 can be exploited by providing a modified firmware update image. This allows a remote attacker to gain root access to the...
How severe is CVE-2023-28610?
CVE-2023-28610 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-28610?
Check the references section above for vendor advisories and patch information. Affected products include: Omicronenergy Stationguard, Omicronenergy Stationscout.