CVE-2023-33684

Weak session management in DB Elettronica Telecomunicazioni SpA SFT DAB 600/C Firmware: 1.9.3 Bios firmware: 7.1 (Apr 19 2021) Gui: 2.46 FPGA: 169.55 uc: 6.15 allows attackers on the same network to bypass authentication by re-using the IP address assigned to the device by the NAT protocol.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.7 MEDIUM
ADJACENT_NETWORK
LOW
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
VendorProductVersion
dbbroadcastsft_dab_600\/c_bios
7.1
dbbroadcastsft_dab_600\/c_firmware
1.9.3
𝑥
= Vulnerable software versions
References
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5771.php
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5771.php