Vulnerability Description
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Advantech | Eki-1524 Firmware | <= 1.24 |
| Advantech | Eki-1524 | - |
| Advantech | Eki-1522 Firmware | <= 1.24 |
| Advantech | Eki-1522 | - |
| Advantech | Eki-1521 Firmware | <= 1.24 |
| Advantech | Eki-1521 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/174153/Advantech-EKI-1524-CE-EKI-1522-EKI-1
- http://seclists.org/fulldisclosure/2023/Aug/13
- https://cyberdanube.com/en/en-st-polten-uas-multiple-vulnerabilities-in-advantec (Exploit, Third Party Advisory)
FAQ
What is CVE-2023-4203?
CVE-2023-4203 is a vulnerability with a CVSS score of 9.0 (CRITICAL). Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-inter...
How severe is CVE-2023-4203?
CVE-2023-4203 has been rated CRITICAL with a CVSS base score of 9.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-4203?
Check the references section above for vendor advisories and patch information. Affected products include: Advantech Eki-1524 Firmware, Advantech Eki-1524, Advantech Eki-1522 Firmware, Advantech Eki-1522, Advantech Eki-1521 Firmware.