Vulnerabilities > CVE-2023-28390 - Unspecified vulnerability in Icom Sr-7100Vn#31 Firmware and Sr-7100Vn Firmware

CVSS 6.8 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

icom

NVD

Published: 2023-05-23

Updated: 2023-05-30

Summary

Privilege escalation vulnerability in SR-7100VN firmware Ver.1.38(N) and earlier and SR-7100VN #31 firmware Ver.1.21 and earlier allows a network-adjacent attacker with administrative privilege of the affected product to obtain an administrative privilege of the OS (Operating System). As a result, an arbitrary OS command may be executed.

Vulnerable Configurations

Part	Description	Count
OS	Icom Icom SR 7100Vn Firmware * Icom SR 7100Vn#31 Firmware *	2
Hardware	Icom Icom SR 7100Vn - Icom SR 7100Vn#31 -	2

References

https://jvn.jp/en/jp/JVN80476232/
https://www.icom.co.jp/news/7239/