Vulnerabilities > CVE-2023-40465 - Out-of-bounds Write vulnerability in Sierrawireless Aleos

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
sierrawireless
CWE-787
NVD
Published: 2023-12-04
Updated: 2023-12-08

Summary

Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal.

Vulnerable Configurations

Part Description Count
OS
Sierrawireless
40
Hardware
Sierrawireless
7

Common Weakness Enumeration (CWE)

References