CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-34394

In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.8%

CVSS Severity

CVSS v3 Score 7.8

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02
https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02

Products affected by CVE-2023-34394

Keysight » Geolocation Server » Version: 2.4.2

cpe:2.3:a:keysight:geolocation_server:2.4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-34394

Products

Pricing

Contact Us