Vulnerabilities > CVE-2023-40465 - Out-of-bounds Write vulnerability in Sierrawireless Aleos

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
sierrawireless
CWE-787

Summary

Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal.

Common Weakness Enumeration (CWE)