CVE-2023-5347
09.01.2024, 10:15
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.This issue affects JetNet devices older than firmware version 2024/01.Enginsight
Vendor | Product | Version |
---|---|---|
korenix | jetnet_5310g_firmware | 2.6 |
korenix | jetnet_4508_firmware | 2.3 |
korenix | jetnet_4508i-w_firmware | 1.3 |
korenix | jetnet_4508-w_firmware | 2.3 |
korenix | jetnet_4508if-s_firmware | 1.3 |
korenix | jetnet_4508if-m_firmware | 1.3 |
korenix | jetnet_4508if-sw_firmware | 1.3 |
korenix | jetnet_4508if-mw_firmware | 1.3 |
korenix | jetnet_4508f-m_firmware | 2.3 |
korenix | jetnet_4508f-s_firmware | 2.3 |
korenix | jetnet_4508f-mw_firmware | 2.3 |
korenix | jetnet_4508f-sw_firmware | 2.3 |
korenix | jetnet_5620g-4c_firmware | 1.1 |
korenix | jetnet_5612gp-4f_firmware | 1.2 |
korenix | jetnet_5612g-4f_firmware | 1.2 |
korenix | jetnet_5728g-24p-ac-2dc-us_firmware | 2.1 |
korenix | jetnet_5728g-24p-ac-2dc-eu_firmware | 2.1 |
korenix | jetnet_6528gf-2ac-eu_firmware | 1.0 |
korenix | jetnet_6528gf-2ac-us_firmware | 1.0 |
korenix | jetnet_6528gf-2dc24_firmware | 1.0 |
korenix | jetnet_6528gf-2dc48_firmware | 1.0 |
korenix | jetnet_6528gf-ac-eu_firmware | 1.0 |
korenix | jetnet_6528gf-ac-us_firmware | 1.0 |
korenix | jetnet_6628xp-4f-us_firmware | 1.1 |
korenix | jetnet_6628x-4f-eu_firmware | 1.0 |
korenix | jetnet_6728g-24p-ac-2dc-us_firmware | 1.1 |
korenix | jetnet_6728g-24p-ac-2dc-eu_firmware | 1.1 |
korenix | jetnet_6828gf-2dc48_firmware | 1.0 |
korenix | jetnet_6828gf-2dc24_firmware | 1.0 |
korenix | jetnet_6828gf-ac-dc24-us_firmware | 1.0 |
korenix | jetnet_6828gf-2ac-us_firmware | 1.0 |
korenix | jetnet_6828gf-ac-us_firmware | 1.0 |
korenix | jetnet_6828gf-2ac-au_firmware | 1.0 |
korenix | jetnet_6828gf-ac-dc24-eu_firmware | 1.0 |
korenix | jetnet_6828gf-2ac-eu_firmware | 1.0 |
korenix | jetnet_6910g-m12_hvdc_firmware | 1.0 |
korenix | jetnet_7310g-v2_firmware | 1.0 |
korenix | jetnet_7628xp-4f-us_firmware | 1.0 |
korenix | jetnet_7628xp-4f-us_firmware | 1.1 |
korenix | jetnet_7628xp-4f-eu_firmware | 1.0 |
korenix | jetnet_7628xp-4f-eu_firmware | 1.1 |
korenix | jetnet_7628x-4f-us_firmware | 1.0 |
korenix | jetnet_7628x-4f-eu_firmware | 1.0 |
korenix | jetnet_7714g-m12_hvdc_firmware | 1.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-327 - Use of a Broken or Risky Cryptographic AlgorithmThe use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.
- CWE-347 - Improper Verification of Cryptographic SignatureThe software does not verify, or incorrectly verifies, the cryptographic signature for data.
References