CVE-2023-5347

Description

An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-5347
Base Score: 9.1
Base Severity: CRITICAL
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Impact Score: 5.2
Exploitability Score: 3.9

cyberdanube
CVE ID: CVE-2023-5347
Base Score: 9.8
Base Severity: CRITICAL
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9

Refrence: NVD MITRE

Description​

Description