A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow
modified firmware to be uploaded when an authorized admin user begins a firmware update
procedure which could result in full control over the device.
References
Configurations
History
14 Dec 2023, 05:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow modified firmware to be uploaded when an authorized admin user begins a firmware update procedure which could result in full control over the device. |
21 Nov 2023, 19:31
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-15 04:15
Updated : 2024-02-05 00:22
NVD link : CVE-2023-5984
Mitre link : CVE-2023-5984
CVE.ORG link : CVE-2023-5984
JSON object : View
Products Affected
schneider-electric
- ion8800_firmware
- ion8800
- ion8650_firmware
- ion8650
CWE
CWE-494
Download of Code Without Integrity Check