Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit (TPU) within the IDU by sending crafted TCP requests to the IDU.
Metrics
Affected Vendors & Products
References
History
Mon, 28 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-07-18T00:00:00
Updated: 2024-10-28T18:19:59.904Z
Reserved: 2023-06-25T00:00:00
Link: CVE-2023-36669
Vulnrichment
Updated: 2024-08-02T16:52:53.999Z
NVD
Status : Analyzed
Published: 2023-07-18T18:15:12.553
Modified: 2023-07-28T13:09:36.697
Link: CVE-2023-36669
Redhat
No data.