CVE-2023-27389
Vulnerability from cvelistv5
Published
2023-04-11 00:00
Modified
2024-08-02 12:09
Severity ?
Summary
Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131).
References
vultures@jpcert.or.jphttps://jvn.jp/en/vu/JVNVU96198617/Third Party Advisory
vultures@jpcert.or.jphttps://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdfMitigation, Vendor Advisory
vultures@jpcert.or.jphttps://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmwareProduct
vultures@jpcert.or.jphttps://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmwareProduct
vultures@jpcert.or.jphttps://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmwareProduct
Impacted products
Contec CO.,LTD.CONPROSYS IoT Gateway products
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:09:43.417Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/vu/JVNVU96198617/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "CONPROSYS IoT Gateway products",
          "vendor": "Contec CO.,LTD.",
          "versions": [
            {
              "status": "affected",
              "version": "M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Inadequate encryption strength",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-11T00:00:00",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf"
        },
        {
          "url": "https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware"
        },
        {
          "url": "https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware"
        },
        {
          "url": "https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware"
        },
        {
          "url": "https://jvn.jp/en/vu/JVNVU96198617/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2023-27389",
    "datePublished": "2023-04-11T00:00:00",
    "dateReserved": "2023-03-14T00:00:00",
    "dateUpdated": "2024-08-02T12:09:43.417Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-27389\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2023-04-11T09:15:08.110\",\"lastModified\":\"2023-04-18T19:37:43.703\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-326\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mg341-adsc1-111_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.10\",\"matchCriteriaId\":\"946A1696-7212-4787-A93C-7B6EDE53D996\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mg341-adsc1-111:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9638515-553F-477E-9673-0CABD9151E35\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mg341-adsc1-931_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.10\",\"matchCriteriaId\":\"56B10D03-57E7-455E-8E8E-AD3582D24D6F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mg341-adsc1-931:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72421FDB-FCDB-428E-82A0-3C7ED662E77E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mg341g-adsc1-111_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.10\",\"matchCriteriaId\":\"D5849A88-069E-433D-BED6-2C74B3F6E30B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mg341g-adsc1-111:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2E2F1D4-BA1E-4069-87DC-9DD0216AB7FB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mg341g-adsc1-930_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.10\",\"matchCriteriaId\":\"604E57A1-850D-4FF0-8D4E-67717FA2EFF1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mg341g-adsc1-930:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8027E77D-4F44-482D-9748-815FECCC94E6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mg341g5-adsc1-931_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.10\",\"matchCriteriaId\":\"17D8495F-D070-43BB-8CE1-EC3692B40F2C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mg341g5-adsc1-931:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27224ED7-6205-4E2D-B452-6329C6B58EAF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mc341-adsc1-111_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.6\",\"matchCriteriaId\":\"23CD1E0D-AE78-4498-8817-5C1FCDF4B921\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mc341-adsc1-111:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A7EE4F3-F8F1-4BC5-B5FA-69D92D389793\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mc341-adsc1-931_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.6\",\"matchCriteriaId\":\"65F5FA0E-C040-4CA6-A53F-DC9EDAA4EFE9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mc341-adsc1-931:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98E492A7-E7AC-458B-9952-408D915C9AC2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mc341-adsc2-111_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.6\",\"matchCriteriaId\":\"80DAF840-FFCC-4E4F-A964-A0D3D9761E2E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mc341-adsc2-111:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79518B9-A98D-4D71-9F96-E8F9FF441BB6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mc341g-adsc1-110_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.6\",\"matchCriteriaId\":\"5A00EE55-8CFC-434A-B187-442F3184BCD3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mc341g-adsc1-110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"289A036E-C360-4192-BD4B-FD046B1D48D0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mc341q-adsc1-111_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.6\",\"matchCriteriaId\":\"94F943B3-1397-48D7-BE7C-6C4A773F821E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mc341q-adsc1-111:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CD6F197-ED5A-4414-9CAD-666732EB1E63\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mc341-ds1-111_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.6\",\"matchCriteriaId\":\"DE3C651C-68A3-4776-826F-3CCCF8DC2C24\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mc341-ds1-111:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"067D054D-D81A-400F-8883-AD290F4F346E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mc341-ds11-111_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.6\",\"matchCriteriaId\":\"14143147-D19C-4C83-A49D-D47E29B990DE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mc341-ds11-111:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"019C8FDA-B856-4D9F-BF59-B25A8EAE4489\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mc341-ds2-911_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.6\",\"matchCriteriaId\":\"F0EF7B61-73C1-4467-AD42-A38DBF420510\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mc341-ds2-911:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A04D8729-A3A8-4FBA-A3FA-0D1C9E0CC607\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mc341-a1-111_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.6\",\"matchCriteriaId\":\"0EB5F6C9-C2D4-4735-A3E8-9C2C59812E5F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mc341-a1-111:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29496995-56D5-485B-9D18-6519D8486272\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mcs341-ds1-111_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.8.8\",\"matchCriteriaId\":\"F74B9B92-0B7D-441C-93BF-7F152CF02FBA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mcs341-ds1-111:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"791D09FA-1CBA-4334-B62D-DDE8CC4FE629\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mcs341-ds1-131_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.8.8\",\"matchCriteriaId\":\"4DE8075E-9645-4C32-984C-1ECA947645D9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mcs341-ds1-131:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A77D134-C344-4900-933E-DEC74F8DB29D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mcs341g-ds1-130_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.8.8\",\"matchCriteriaId\":\"6ECA4990-8F3D-41C7-AC96-6EA10AB58AE4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mcs341g-ds1-130:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4CEA79F-F7DD-4E29-82DC-E828C27A80B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mcs341g5-ds1-130_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.8.8\",\"matchCriteriaId\":\"9AA64568-FE3F-4C4C-8DFF-C77B226004FA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mcs341g5-ds1-130:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B5B4009-93EB-462B-A9A3-A42506DDA853\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:contec:cps-mcs341q-ds1-131_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.8.8\",\"matchCriteriaId\":\"66D99898-0EB9-4728-8C97-476AE6BF1746\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:contec:cps-mcs341q-ds1-131:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A570103-F5D1-48D3-A7D1-9F8ED71B44DD\"}]}]}],\"references\":[{\"url\":\"https://jvn.jp/en/vu/JVNVU96198617/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Product\"]},{\"url\":\"https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Product\"]},{\"url\":\"https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Product\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.