Multiple UC series IPC are affected by CVE-2023-48795. These vulnerabilities are caused by insufficient integrity checks of packets during a handshake. An attacker in a network position between the client and server could omit some negotiation message, forcing to downgrade or disable some security features without detection. This vulnerability may lead to bypass authentication.
The identified vulnerability types and potential impacts are shown below:
Item |
Vulnerability Type |
Impact |
1 |
Improper Validation of Integrity Check Value (CWE-354)
CVE-2023-48795
|
An attacker may bypass the authentication mechanism. |
Vulnerability Scoring Details