CVE-2023-0898

General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
icscertCNA
5.3 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
VendorProductVersion
gemicom_s1_agile
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-23-311-23
https://www.cisa.gov/news-events/ics-advisories/icsa-23-311-23