CVE-2023-28809
moderate-risk
Published 2023-06-15
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.
Do I need to act?
-
0.18% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ HIGH complexity
Affected Products (20)
Ds-K1T320Efwx Firmware
Ds-K1T320Efx Firmware
Ds-K1T320Ewx Firmware
Ds-K1T320Ex Firmware
Ds-K1T320Mfwx Firmware
Ds-K1T320Mfx Firmware
Ds-K1T320Mwx Firmware
Ds-K1T320Mx Firmware
Ds-K1T341Am Firmware
Ds-K1T341Amf Firmware
Ds-K1T341Cm Firmware
Ds-K1T343Ewx Firmware
Ds-K1T343Ex Firmware
Ds-K1T343Mwx Firmware
Ds-K1T343Mx Firmware
Ds-K1T671 Firmware
Ds-K1T671M Firmware
Ds-K1T671Mf Firmware
Ds-K1T671T Firmware
Ds-K1T671Tm Firmware
Affected Vendors
References (4)
44
/ 100
moderate-risk
Severity
22/34 · High
Exploitability
1/34 · Minimal
Exposure
21/34 · High