Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-5347 (GCVE-0-2023-5347)
Vulnerability from cvelistv5 – Published: 2024-01-09 09:54 – Updated: 2025-10-08 09:10
VLAI?
EPSS
Title
Unauthenticated Firmware Upgrade
Summary
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
Severity ?
9.8 (Critical)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Korenix | JetNet Series |
Affected:
firmware older than 2024/01
|
Credits
S. Dietz (CyberDanube)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
},
{
"tags": [
"x_transferred"
],
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5347",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:33:17.516940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:33:02.608Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "JetNet Series",
"vendor": "Korenix",
"versions": [
{
"status": "affected",
"version": "firmware older than 2024/01"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "S. Dietz (CyberDanube)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects JetNet devices older than firmware version 2024/01.\u003c/span\u003e"
}
],
"value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u00a0This issue affects JetNet devices older than firmware version 2024/01."
}
],
"impacts": [
{
"capecId": "CAPEC-558",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-558 Replace Trusted Executable"
}
]
},
{
"capecId": "CAPEC-552",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-552 Install Rootkit"
}
]
},
{
"capecId": "CAPEC-642",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-642 Replace Binaries"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-08T09:10:00.840Z",
"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"shortName": "CyberDanube"
},
"references": [
{
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
},
{
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
},
{
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unauthenticated Firmware Upgrade",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "See:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\"\u003ehttps://www.beijerelectronics.com/en/support/Help___online?docId=69947\u003c/a\u003e"
}
],
"value": "See:\u00a0 https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"assignerShortName": "CyberDanube",
"cveId": "CVE-2023-5347",
"datePublished": "2024-01-09T09:54:59.664Z",
"dateReserved": "2023-10-03T08:11:00.343Z",
"dateUpdated": "2025-10-08T09:10:00.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jan/11\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T07:52:08.584Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-5347\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-08T15:33:17.516940Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-08T15:33:19.190Z\"}}], \"cna\": {\"title\": \"Unauthenticated Firmware Upgrade\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"S. Dietz (CyberDanube)\"}], \"impacts\": [{\"capecId\": \"CAPEC-558\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-558 Replace Trusted Executable\"}]}, {\"capecId\": \"CAPEC-552\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-552 Install Rootkit\"}]}, {\"capecId\": \"CAPEC-642\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-642 Replace Binaries\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Korenix\", \"product\": \"JetNet Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware older than 2024/01\"}], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\"}, {\"url\": \"https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jan/11\"}, {\"url\": \"http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"See:\\u00a0 https://www.beijerelectronics.com/en/support/Help___online?docId=69947\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"See:\u0026nbsp;\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\\\"\u003ehttps://www.beijerelectronics.com/en/support/Help___online?docId=69947\u003c/a\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\\u00a0This issue affects JetNet devices older than firmware version 2024/01.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u0026nbsp;\u003cspan style=\\\"background-color: var(--wht);\\\"\u003eThis issue affects JetNet devices older than firmware version 2024/01.\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-347\", \"description\": \"CWE-347 Improper Verification of Cryptographic Signature\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-327\", \"description\": \"CWE-327 Use of a Broken or Risky Cryptographic Algorithm\"}]}], \"providerMetadata\": {\"orgId\": \"7d092a75-6bbd-48c6-a15a-0297458009bc\", \"shortName\": \"CyberDanube\", \"dateUpdated\": \"2025-10-08T09:10:00.840Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-5347\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-08T09:10:00.840Z\", \"dateReserved\": \"2023-10-03T08:11:00.343Z\", \"assignerOrgId\": \"7d092a75-6bbd-48c6-a15a-0297458009bc\", \"datePublished\": \"2024-01-09T09:54:59.664Z\", \"assignerShortName\": \"CyberDanube\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2023-5347
Vulnerability from fkie_nvd - Published: 2024-01-09 10:15 - Updated: 2025-10-08 09:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5310g_firmware:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A95682DF-7942-49DA-9F81-EF1807045409",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5310g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81A3D8A9-E142-498A-B4E8-B4B197E62F55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F0FE3A-6460-46FD-BDC0-40BF2705637D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99147D57-7780-4234-B55D-CC9AFBA481C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508i-w_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96C77E80-72C3-4662-A9CE-7C8CC126F1B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508i-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8898260C-6D31-41BA-A2F2-A8975B5C7DEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508-w_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E017D04-2392-483C-AC36-8AF8F061720B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC01082-D54E-4E35-A68C-3CF5A54F2816",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508if-s_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7461886A-A4D4-4193-8366-5DBB3A78A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508if-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAE70B6-7384-4909-8A07-3F786A51EF6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508if-m_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01E97B8A-ABBB-4EE6-9F56-4766FAAA6CBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508if-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "044D5792-E5CE-4235-9148-C984AC0F1F6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508if-sw_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E5AC4C-E6E6-45A0-9E27-54ABC3D224F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508if-sw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EB3742F-CC0B-49E5-B29C-EF4E7D9A7D28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508if-mw_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "82EBBC44-1C71-406C-9FF0-39FB493C5931",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508if-mw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "701A8011-7DA5-417F-B36F-ABED3914DED6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508f-m_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7361627A-4F68-413D-8051-5C3318DD8F51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508f-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43A20FF6-2622-4FD4-939C-587B48DD8933",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508f-s_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78B14120-454F-4D1D-A156-1506DD0C0037",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508f-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4637E3CC-6474-419C-A78C-963C77AEFF51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508f-mw_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F5BD0F-74C3-4032-A6CC-90A96EBAA14C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508f-mw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E5326F-3E4F-40EB-946F-A4D6EA71E9B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508f-sw_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "71C41FA7-2DD7-4788-9874-67ACCADDD456",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508f-sw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDFA438-A071-445B-86B9-44C22DB7664D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5620g-4c_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9FE392-DF90-4837-9B96-6CC3ADE539CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5620g-4c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9385192-A75A-428E-9A04-E443A69B2DF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5612gp-4f_firmware:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64BD0899-AA5B-43DA-B741-BC74CF522989",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5612gp-4f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1097E748-4ACA-4D97-8000-A219D0771B2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5612g-4f_firmware:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03B76261-DAD3-43C9-AAB1-ED30C825A3AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5612g-4f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D7393F-8736-4BC7-A611-4E54D14F7893",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5728g-24p-ac-2dc-us_firmware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB3C066-DA69-4C69-ACD1-8AA325667B25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93F24671-F7E7-476E-92CD-CF0061682A6A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5728g-24p-ac-2dc-eu_firmware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E34410B0-C4D5-40B9-89A8-95782A55913E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9145BCF4-E8A0-4561-B5D3-B79B8BDD8692",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "347A53EC-7C44-46C4-ABAF-CF7AD709B0AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2ac-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1189AAB8-CFB1-4542-A85D-717E793F67F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9D7474-2DC1-4698-8116-506E05A87E0A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2ac-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B857CDA-1A39-454E-B16C-CE90CD1577B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2dc24_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47FED1A9-830B-4F3D-92C7-5CAEF5F742C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2dc24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAAB531-DB65-4C51-A2FC-9D7E6FBBCB23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2dc48_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13F06A64-36CA-4023-8217-1ECC065AFC13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2dc48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "165844C8-B773-49D1-AFFB-564EE4858127",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-ac-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB9A900-9AC7-4A82-BEED-7002AD81AFDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-ac-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69857D1C-BA45-4B3F-8F11-9D5636EDFF5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-ac-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE95314D-9AFC-40CB-B449-B195FF94605B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-ac-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B483B168-203E-4905-9585-B7DDC735A76E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C890BEF3-785C-47F1-A65C-92518E4FAA2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6628xp-4f-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A1FA23F-3E4E-46E5-A0F8-B31895C1B5CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "70128CE4-FAF6-4564-BC3F-EFA813A01DD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6628x-4f-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC14B48-37CE-4385-A779-A553850A7B3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6728g-24p-ac-2dc-us_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22E4FFB2-CB4C-4088-A656-84B7F883DF6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D865328-72DC-4802-A82D-DBF30B638583",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6728g-24p-ac-2dc-eu_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C837607-C6FF-40F2-AC88-6A9C48CB1029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16305FB2-E46A-4DDA-9E85-64DAD64B35D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2dc48_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43816A78-45C6-4829-A4C4-72DA8E0E330C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2dc48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38E8437F-8F81-40D5-A4A2-D6D3D1E8DC7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2dc24_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B733CE0-84AC-4E80-9276-F129F41DF88E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2dc24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58C8D47C-A56B-43A2-9A85-4C5823A3B9A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-dc24-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1ADD38-C9C3-42AE-AD9A-D20FE64F44D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-dc24-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51811483-40D1-40B9-82CB-015CEA7A8ACE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC888A2-32AC-4DB0-B073-FE8FE9A565CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "585BC55D-9ED9-4A22-AFED-9C199A89011F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "527AFFFB-0626-41AD-9CD8-0E34ECC4B4A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA11034-5A43-45C5-A48A-B9754A63AFBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-au_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B07B4D-6E13-4589-8ACA-ADF728EB4716",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-au:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1523A9A-09E0-44E1-96E2-24FE49B7FDAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-dc24-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69E718E1-864B-4B97-8A4C-242E449728A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-dc24-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C64F5C7-7FC0-415A-8209-145DA3A296FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C26FCFA8-C978-4967-82CC-7CEBEC9014B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73431E6E-CAF5-4114-A2E8-BE9860558610",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6910g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65334CFA-6C17-461E-9137-976244486B42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6910g-m12_hvdc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D90718-B60B-4950-9898-24E315D63F44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7310g-v2_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BAC7EFE2-DE02-4012-955B-5078348B362C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7310g-v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53CE00D4-6846-4C28-83DD-13952831275E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C417B424-3504-4BFB-AFB9-B66C0AF38AD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E629B201-717C-4D7C-A1DE-04E0820B7AA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B817CA4-30DC-419D-AD84-3489CA0C68D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E629B201-717C-4D7C-A1DE-04E0820B7AA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE668B76-D528-4C4F-93CC-893479E2230C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B566F22-B0BA-4259-B104-AFCEA5ECCA70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-eu_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72B8862C-DA86-46DD-957A-7B88C6C42927",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B566F22-B0BA-4259-B104-AFCEA5ECCA70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628x-4f-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3563599-3CF7-46ED-8734-0A52BA052071",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628x-4f-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C722303-26DB-44AD-BF0D-A7930C52A638",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06B11C-154D-4B6A-8E8E-A12831F8211E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628x-4f-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF8048-A100-4BDB-B902-B80E70D89173",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7714g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6624B567-4DF0-4A67-8C14-EB8E4BE1EEDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7714g-m12_hvdc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0492BC5-5B2C-4DF7-971C-679955DE83AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u00a0This issue affects JetNet devices older than firmware version 2024/01."
},
{
"lang": "es",
"value": "Una vulnerabilidad de verificaci\u00f3n incorrecta de la firma criptogr\u00e1fica en el proceso de actualizaci\u00f3n de Korenix JetNet Series permite reemplazar todo el sistema operativo, incluidos los ejecutables confiables. Este problema afecta a los dispositivos JetNet anteriores a la versi\u00f3n de firmware 2024/01."
}
],
"id": "CVE-2023-5347",
"lastModified": "2025-10-08T09:15:32.273",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "office@cyberdanube.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-09T10:15:22.523",
"references": [
{
"source": "office@cyberdanube.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
},
{
"source": "office@cyberdanube.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
},
{
"source": "office@cyberdanube.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
},
{
"source": "office@cyberdanube.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
}
],
"sourceIdentifier": "office@cyberdanube.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
},
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "office@cyberdanube.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-3FR9-8M46-R2MM
Vulnerability from github – Published: 2024-01-09 12:30 – Updated: 2025-10-08 09:31
VLAI?
Details
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2023-5347"
],
"database_specific": {
"cwe_ids": [
"CWE-327",
"CWE-347"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-09T10:15:22Z",
"severity": "CRITICAL"
},
"details": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u00a0This issue affects JetNet devices older than firmware version 2024/01.",
"id": "GHSA-3fr9-8m46-r2mm",
"modified": "2025-10-08T09:31:13Z",
"published": "2024-01-09T12:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5347"
},
{
"type": "WEB",
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series"
},
{
"type": "WEB",
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2023-5347
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-5347",
"id": "GSD-2023-5347"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-5347"
],
"details": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u00a0This issue affects JetNet devices older than firmware version 2024/01.",
"id": "GSD-2023-5347",
"modified": "2023-12-13T01:20:50.902589Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "office@cyberdanube.com",
"ID": "CVE-2023-5347",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JetNet Series",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"status": "affected",
"version": "firmware older than 2024/01"
}
]
}
}
]
}
}
]
},
"vendor_name": "Korenix"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "S. Dietz (CyberDanube)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u00a0This issue affects JetNet devices older than firmware version 2024/01."
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-347",
"lang": "eng",
"value": "CWE-347 Improper Verification of Cryptographic Signature"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947",
"refsource": "MISC",
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
},
{
"name": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/",
"refsource": "MISC",
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
},
{
"name": "http://seclists.org/fulldisclosure/2024/Jan/11",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
},
{
"name": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "See:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\"\u003ehttps://www.beijerelectronics.com/en/support/Help___online?docId=69947\u003c/a\u003e"
}
],
"value": "See:\u00a0 https://www.beijerelectronics.com/en/support/Help___online?docId=69947 https://www.beijerelectronics.com/en/support/Help___online "
}
]
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5310g_firmware:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A95682DF-7942-49DA-9F81-EF1807045409",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5310g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81A3D8A9-E142-498A-B4E8-B4B197E62F55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F0FE3A-6460-46FD-BDC0-40BF2705637D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99147D57-7780-4234-B55D-CC9AFBA481C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508i-w_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96C77E80-72C3-4662-A9CE-7C8CC126F1B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508i-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8898260C-6D31-41BA-A2F2-A8975B5C7DEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508-w_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E017D04-2392-483C-AC36-8AF8F061720B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC01082-D54E-4E35-A68C-3CF5A54F2816",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508if-s_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7461886A-A4D4-4193-8366-5DBB3A78A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508if-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAE70B6-7384-4909-8A07-3F786A51EF6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508if-m_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01E97B8A-ABBB-4EE6-9F56-4766FAAA6CBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508if-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "044D5792-E5CE-4235-9148-C984AC0F1F6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508if-sw_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E5AC4C-E6E6-45A0-9E27-54ABC3D224F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508if-sw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EB3742F-CC0B-49E5-B29C-EF4E7D9A7D28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508if-mw_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "82EBBC44-1C71-406C-9FF0-39FB493C5931",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508if-mw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "701A8011-7DA5-417F-B36F-ABED3914DED6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508f-m_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7361627A-4F68-413D-8051-5C3318DD8F51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508f-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43A20FF6-2622-4FD4-939C-587B48DD8933",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508f-s_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78B14120-454F-4D1D-A156-1506DD0C0037",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508f-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4637E3CC-6474-419C-A78C-963C77AEFF51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508f-mw_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F5BD0F-74C3-4032-A6CC-90A96EBAA14C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508f-mw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E5326F-3E4F-40EB-946F-A4D6EA71E9B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_4508f-sw_firmware:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "71C41FA7-2DD7-4788-9874-67ACCADDD456",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_4508f-sw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDFA438-A071-445B-86B9-44C22DB7664D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5620g-4c_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9FE392-DF90-4837-9B96-6CC3ADE539CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5620g-4c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9385192-A75A-428E-9A04-E443A69B2DF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5612gp-4f_firmware:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64BD0899-AA5B-43DA-B741-BC74CF522989",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5612gp-4f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1097E748-4ACA-4D97-8000-A219D0771B2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5612g-4f_firmware:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03B76261-DAD3-43C9-AAB1-ED30C825A3AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5612g-4f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D7393F-8736-4BC7-A611-4E54D14F7893",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5728g-24p-ac-2dc-us_firmware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB3C066-DA69-4C69-ACD1-8AA325667B25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93F24671-F7E7-476E-92CD-CF0061682A6A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_5728g-24p-ac-2dc-eu_firmware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E34410B0-C4D5-40B9-89A8-95782A55913E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_5728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9145BCF4-E8A0-4561-B5D3-B79B8BDD8692",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "347A53EC-7C44-46C4-ABAF-CF7AD709B0AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2ac-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1189AAB8-CFB1-4542-A85D-717E793F67F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9D7474-2DC1-4698-8116-506E05A87E0A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2ac-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B857CDA-1A39-454E-B16C-CE90CD1577B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2dc24_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47FED1A9-830B-4F3D-92C7-5CAEF5F742C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2dc24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAAB531-DB65-4C51-A2FC-9D7E6FBBCB23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2dc48_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13F06A64-36CA-4023-8217-1ECC065AFC13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2dc48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "165844C8-B773-49D1-AFFB-564EE4858127",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-ac-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB9A900-9AC7-4A82-BEED-7002AD81AFDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-ac-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69857D1C-BA45-4B3F-8F11-9D5636EDFF5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6528gf-ac-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE95314D-9AFC-40CB-B449-B195FF94605B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6528gf-ac-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B483B168-203E-4905-9585-B7DDC735A76E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C890BEF3-785C-47F1-A65C-92518E4FAA2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6628xp-4f-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A1FA23F-3E4E-46E5-A0F8-B31895C1B5CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "70128CE4-FAF6-4564-BC3F-EFA813A01DD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6628x-4f-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC14B48-37CE-4385-A779-A553850A7B3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6728g-24p-ac-2dc-us_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22E4FFB2-CB4C-4088-A656-84B7F883DF6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D865328-72DC-4802-A82D-DBF30B638583",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6728g-24p-ac-2dc-eu_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C837607-C6FF-40F2-AC88-6A9C48CB1029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16305FB2-E46A-4DDA-9E85-64DAD64B35D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2dc48_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43816A78-45C6-4829-A4C4-72DA8E0E330C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2dc48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38E8437F-8F81-40D5-A4A2-D6D3D1E8DC7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2dc24_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B733CE0-84AC-4E80-9276-F129F41DF88E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2dc24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58C8D47C-A56B-43A2-9A85-4C5823A3B9A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-dc24-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1ADD38-C9C3-42AE-AD9A-D20FE64F44D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-dc24-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51811483-40D1-40B9-82CB-015CEA7A8ACE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC888A2-32AC-4DB0-B073-FE8FE9A565CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "585BC55D-9ED9-4A22-AFED-9C199A89011F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "527AFFFB-0626-41AD-9CD8-0E34ECC4B4A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA11034-5A43-45C5-A48A-B9754A63AFBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-au_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B07B4D-6E13-4589-8ACA-ADF728EB4716",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-au:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1523A9A-09E0-44E1-96E2-24FE49B7FDAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-dc24-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69E718E1-864B-4B97-8A4C-242E449728A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-dc24-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C64F5C7-7FC0-415A-8209-145DA3A296FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C26FCFA8-C978-4967-82CC-7CEBEC9014B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73431E6E-CAF5-4114-A2E8-BE9860558610",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_6910g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65334CFA-6C17-461E-9137-976244486B42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_6910g-m12_hvdc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D90718-B60B-4950-9898-24E315D63F44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7310g-v2_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BAC7EFE2-DE02-4012-955B-5078348B362C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7310g-v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53CE00D4-6846-4C28-83DD-13952831275E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C417B424-3504-4BFB-AFB9-B66C0AF38AD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E629B201-717C-4D7C-A1DE-04E0820B7AA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B817CA4-30DC-419D-AD84-3489CA0C68D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E629B201-717C-4D7C-A1DE-04E0820B7AA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE668B76-D528-4C4F-93CC-893479E2230C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B566F22-B0BA-4259-B104-AFCEA5ECCA70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-eu_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72B8862C-DA86-46DD-957A-7B88C6C42927",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B566F22-B0BA-4259-B104-AFCEA5ECCA70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628x-4f-us_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3563599-3CF7-46ED-8734-0A52BA052071",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628x-4f-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C722303-26DB-44AD-BF0D-A7930C52A638",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06B11C-154D-4B6A-8E8E-A12831F8211E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7628x-4f-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF8048-A100-4BDB-B902-B80E70D89173",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:korenix:jetnet_7714g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6624B567-4DF0-4A67-8C14-EB8E4BE1EEDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:korenix:jetnet_7714g-m12_hvdc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0492BC5-5B2C-4DF7-971C-679955DE83AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u00a0This issue affects JetNet devices older than firmware version 2024/01."
},
{
"lang": "es",
"value": "Una vulnerabilidad de verificaci\u00f3n incorrecta de la firma criptogr\u00e1fica en el proceso de actualizaci\u00f3n de Korenix JetNet Series permite reemplazar todo el sistema operativo, incluidos los ejecutables confiables. Este problema afecta a los dispositivos JetNet anteriores a la versi\u00f3n de firmware 2024/01."
}
],
"id": "CVE-2023-5347",
"lastModified": "2024-01-17T17:50:09.620",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "office@cyberdanube.com",
"type": "Secondary"
}
]
},
"published": "2024-01-09T10:15:22.523",
"references": [
{
"source": "office@cyberdanube.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
},
{
"source": "office@cyberdanube.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
},
{
"source": "office@cyberdanube.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
},
{
"source": "office@cyberdanube.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
}
],
"sourceIdentifier": "office@cyberdanube.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "office@cyberdanube.com",
"type": "Secondary"
}
]
}
}
}
}
CVE-2023-5347
Vulnerability from fstec - Published: 31.08.2023
VLAI Severity ?
Title
Уязвимость демона TFTP микропрограммного обеспечения коммутаторов Korenix, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость демона TFTP микропрограммного обеспечения коммутаторов Korenix связана с некорректной проверкой криптографической подписи при загрузке обновлений. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании путем отправки специально созданных UDP-пакетов на порт 5010
Severity ?
Vendor
Korenix Technology
Software Name
Korenix JetNet4508, Korenix JetNet 4508i-w, Korenix JetNet 4508-w, Korenix JetNet 4508if-s, Korenix JetNet 4508if-m, Korenix JetNet 4508if-sw, Korenix JetNet 4508if-mw, Korenix JetNet 4508f-m, Korenix JetNet 4508f-s, Korenix JetNet 4508f-mw, Korenix JetNet 5620G-4C, Korenix JetNet 5612GP-4F, Korenix JetNet 5612G-4F, Korenix JetNet 5728G-24P-AC-2DC, Korenix JetNet 6528Gf-2AC-EU, Korenix JetNet 6528Gf-2AC-US, Korenix JetNet 6528Gf-2DC24, Korenix JetNet 6528Gf-2DC48, Korenix JetNet 6528Gf-AC-EU, Korenix JetNet 6528Gf-AC-US, Korenix JetNet 6628XP-4F-US, Korenix JetNet 6628X-4F-EU, Korenix JETNET 6728G-24P-AC-2DC-US, Korenix JETNET 6728G-24P-AC-2DC-EU, Korenix JetNet 6828Gf-2DC48, Korenix JetNet 6828Gf-2DC24, Korenix JetNet 6828Gf-AC-DC24-US, Korenix JetNet 6828Gf-2AC-US, Korenix JetNet 6828Gf-AC-US, Korenix JetNet 6828Gf-2AC-AU, Korenix JetNet 6828Gf-AC-DC24-EU, Korenix JetNet 6828Gf-2AC-EU, Korenix JetNet 6910G-M12 HVDC, Korenix JetNet 7628XP-4F-EU, Korenix JetNet 7628X-4F-US, Korenix JetNet 7714G-M12 HVDC, Korenix JetNet 5310G, Korenix JetNet 5728G-24P-AC-2DC-EU, Korenix JetNet 7310G V2, Korenix JetNet 7628XP-4F-US, Korenix JetNet 7628X-4F-EU
Software Version
2.3 (Korenix JetNet4508), 1.3 (Korenix JetNet 4508i-w), 2.3 (Korenix JetNet 4508-w), 1.3 (Korenix JetNet 4508if-s), 1.3 (Korenix JetNet 4508if-m), 1.3 (Korenix JetNet 4508if-sw), 1.3 (Korenix JetNet 4508if-mw), 2.3 (Korenix JetNet 4508f-m), 2.3 (Korenix JetNet 4508f-s), 2.3 (Korenix JetNet 4508f-mw), 1.1 (Korenix JetNet 5620G-4C), 1.2 (Korenix JetNet 5612GP-4F), 1.2 (Korenix JetNet 5612G-4F), 2.1 (Korenix JetNet 5728G-24P-AC-2DC), 1.0 (Korenix JetNet 6528Gf-2AC-EU), 1.0 (Korenix JetNet 6528Gf-2AC-US), 1.0 (Korenix JetNet 6528Gf-2DC24), 1.0 (Korenix JetNet 6528Gf-2DC48), 1.0 (Korenix JetNet 6528Gf-AC-EU), 1.0 (Korenix JetNet 6528Gf-AC-US), 1.1 (Korenix JetNet 6628XP-4F-US), 1.0 (Korenix JetNet 6628X-4F-EU), 1.1 (Korenix JETNET 6728G-24P-AC-2DC-US), 1.1 (Korenix JETNET 6728G-24P-AC-2DC-EU), 1.0 (Korenix JetNet 6828Gf-2DC48), 1.0 (Korenix JetNet 6828Gf-2DC24), 1.0 (Korenix JetNet 6828Gf-AC-DC24-US), 1.0 (Korenix JetNet 6828Gf-2AC-US), 1.0 (Korenix JetNet 6828Gf-AC-US), 1.0 (Korenix JetNet 6828Gf-2AC-AU), 1.0 (Korenix JetNet 6828Gf-AC-DC24-EU), 1.0 (Korenix JetNet 6828Gf-2AC-EU), 1.0 (Korenix JetNet 6910G-M12 HVDC), 1.0 (Korenix JetNet 7628XP-4F-EU), 1.1 (Korenix JetNet 7628XP-4F-EU), 1.0 (Korenix JetNet 7628X-4F-US), 1.0 (Korenix JetNet 7714G-M12 HVDC), 2.6 (Korenix JetNet 5310G), 2.3 (Korenix JetNet 4508if-sw), 2.0 (Korenix JetNet 5728G-24P-AC-2DC-EU), 2.0 (Korenix JetNet 7310G V2), 1.0 (Korenix JetNet 7628XP-4F-US), 1.1 (Korenix JetNet 7628XP-4F-US), 1.0 (Korenix JetNet 7628X-4F-EU)
Possible Mitigations
Компенсирующие меры:
- ограничение доступа к устройству из общедоступных сетей (Интернет);
- использование средств межсетевого экранирования и средств обнаружения и предотвращения вторжений (IDS/IPS) для отслеживания подключений к устройству;
- сегментирование сети с целью ограничения доступа к устройству из других подсетей.
- подключение к терминалу и использование следующих команд для деактивации демона TFTP на устройстве с целью
предотвращения злоупотреблением службой неаутентифицированными субъектами:
Switch# configure terminal
Switch(config)# service ipscan disable
Switch(config)# tftpd disable
Switch(config)# copy running-config startup-config
Reference
http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html
http://seclists.org/fulldisclosure/2024/Jan/11
https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
https://www.beijerelectronics.com/en/support/Help___online?docId=69947
CWE
CWE-347
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Korenix Technology",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "2.3 (Korenix JetNet4508), 1.3 (Korenix JetNet 4508i-w), 2.3 (Korenix JetNet 4508-w), 1.3 (Korenix JetNet 4508if-s), 1.3 (Korenix JetNet 4508if-m), 1.3 (Korenix JetNet 4508if-sw), 1.3 (Korenix JetNet 4508if-mw), 2.3 (Korenix JetNet 4508f-m), 2.3 (Korenix JetNet 4508f-s), 2.3 (Korenix JetNet 4508f-mw), 1.1 (Korenix JetNet 5620G-4C), 1.2 (Korenix JetNet 5612GP-4F), 1.2 (Korenix JetNet 5612G-4F), 2.1 (Korenix JetNet 5728G-24P-AC-2DC), 1.0 (Korenix JetNet 6528Gf-2AC-EU), 1.0 (Korenix JetNet 6528Gf-2AC-US), 1.0 (Korenix JetNet 6528Gf-2DC24), 1.0 (Korenix JetNet 6528Gf-2DC48), 1.0 (Korenix JetNet 6528Gf-AC-EU), 1.0 (Korenix JetNet 6528Gf-AC-US), 1.1 (Korenix JetNet 6628XP-4F-US), 1.0 (Korenix JetNet 6628X-4F-EU), 1.1 (Korenix JETNET 6728G-24P-AC-2DC-US), 1.1 (Korenix JETNET 6728G-24P-AC-2DC-EU), 1.0 (Korenix JetNet 6828Gf-2DC48), 1.0 (Korenix JetNet 6828Gf-2DC24), 1.0 (Korenix JetNet 6828Gf-AC-DC24-US), 1.0 (Korenix JetNet 6828Gf-2AC-US), 1.0 (Korenix JetNet 6828Gf-AC-US), 1.0 (Korenix JetNet 6828Gf-2AC-AU), 1.0 (Korenix JetNet 6828Gf-AC-DC24-EU), 1.0 (Korenix JetNet 6828Gf-2AC-EU), 1.0 (Korenix JetNet 6910G-M12 HVDC), 1.0 (Korenix JetNet 7628XP-4F-EU), 1.1 (Korenix JetNet 7628XP-4F-EU), 1.0 (Korenix JetNet 7628X-4F-US), 1.0 (Korenix JetNet 7714G-M12 HVDC), 2.6 (Korenix JetNet 5310G), 2.3 (Korenix JetNet 4508if-sw), 2.0 (Korenix JetNet 5728G-24P-AC-2DC-EU), 2.0 (Korenix JetNet 7310G V2), 1.0 (Korenix JetNet 7628XP-4F-US), 1.1 (Korenix JetNet 7628XP-4F-US), 1.0 (Korenix JetNet 7628X-4F-EU)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 \u0438\u0437 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442);\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 (IDS/IPS) \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443;\n- \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0441 \u0446\u0435\u043b\u044c\u044e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 \u0438\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u043e\u0434\u0441\u0435\u0442\u0435\u0439.\n- \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043a \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u0443 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0434\u043b\u044f \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u0434\u0435\u043c\u043e\u043d\u0430 TFTP \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0441 \u0446\u0435\u043b\u044c\u044e\n\u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435\u043c \u0441\u043b\u0443\u0436\u0431\u043e\u0439 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0430\u043c\u0438:\nSwitch# configure terminal\nSwitch(config)# service ipscan disable\nSwitch(config)# tftpd disable\nSwitch(config)# copy running-config startup-config",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "31.08.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "15.02.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "15.02.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-01312",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-5347",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Korenix JetNet4508, Korenix JetNet 4508i-w, Korenix JetNet 4508-w, Korenix JetNet 4508if-s, Korenix JetNet 4508if-m, Korenix JetNet 4508if-sw, Korenix JetNet 4508if-mw, Korenix JetNet 4508f-m, Korenix JetNet 4508f-s, Korenix JetNet 4508f-mw, Korenix JetNet 5620G-4C, Korenix JetNet 5612GP-4F, Korenix JetNet 5612G-4F, Korenix JetNet 5728G-24P-AC-2DC, Korenix JetNet 6528Gf-2AC-EU, Korenix JetNet 6528Gf-2AC-US, Korenix JetNet 6528Gf-2DC24, Korenix JetNet 6528Gf-2DC48, Korenix JetNet 6528Gf-AC-EU, Korenix JetNet 6528Gf-AC-US, Korenix JetNet 6628XP-4F-US, Korenix JetNet 6628X-4F-EU, Korenix JETNET 6728G-24P-AC-2DC-US, Korenix JETNET 6728G-24P-AC-2DC-EU, Korenix JetNet 6828Gf-2DC48, Korenix JetNet 6828Gf-2DC24, Korenix JetNet 6828Gf-AC-DC24-US, Korenix JetNet 6828Gf-2AC-US, Korenix JetNet 6828Gf-AC-US, Korenix JetNet 6828Gf-2AC-AU, Korenix JetNet 6828Gf-AC-DC24-EU, Korenix JetNet 6828Gf-2AC-EU, Korenix JetNet 6910G-M12 HVDC, Korenix JetNet 7628XP-4F-EU, Korenix JetNet 7628X-4F-US, Korenix JetNet 7714G-M12 HVDC, Korenix JetNet 5310G, Korenix JetNet 5728G-24P-AC-2DC-EU, Korenix JetNet 7310G V2, Korenix JetNet 7628XP-4F-US, Korenix JetNet 7628X-4F-EU",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u043c\u043e\u043d\u0430 TFTP \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 Korenix, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 (CWE-347)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u043c\u043e\u043d\u0430 TFTP \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 Korenix \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 UDP-\u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043d\u0430 \u043f\u043e\u0440\u0442 5010",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041f\u043e\u0434\u043c\u0435\u043d\u0430 \u043f\u0440\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html \nhttp://seclists.org/fulldisclosure/2024/Jan/11 \nhttps://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/ \nhttps://www.beijerelectronics.com/en/support/Help___online?docId=69947",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-347",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…