Vulnerability Details CVE-2023-28610
The update process in OMICRON StationGuard and OMICRON StationScout before 2.21 can be exploited by providing a modified firmware update image. This allows a remote attacker to gain root access to the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.0%
CVSS Severity
CVSS v3 Score 9.8
References
- https://www.omicronenergy.com/en/support/product-security/
- https://www.omicronenergy.com/fileadmin/user_upload/website/files/product-security/osa-5.txt
- https://www.omicronenergy.com/en/support/product-security/
- https://www.omicronenergy.com/fileadmin/user_upload/website/files/product-security/osa-5.txt
Products affected by CVE-2023-28610
-
cpe:2.3:a:omicronenergy:stationguard:-
-
cpe:2.3:a:omicronenergy:stationguard:1.10
-
cpe:2.3:a:omicronenergy:stationguard:2.20
-
cpe:2.3:a:omicronenergy:stationscout:1.30
-
cpe:2.3:a:omicronenergy:stationscout:2.20