Vulnerabilities > CVE-2023-27309 - Missing Authorization vulnerability in Siemens Ruggedcom Crossbow
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to perform unauthorized actions.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |