CVE-2023-41960

moderate-risk
Published 2023-10-25

The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself.

Do I need to act?

-
0.07% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.1/10 High
LOCAL / LOW complexity

Affected Products (3)

Ctrlx Hmi Web Panel Wr2107 Firmware
Ctrlx Hmi Web Panel Wr2110 Firmware
Ctrlx Hmi Web Panel Wr2115 Firmware

Affected Vendors

Boschrexroth

References (2)

Mitigation https://psirt.bosch.com/security-advisories/BOSCH-SA-175607.html
Mitigation https://psirt.bosch.com/security-advisories/BOSCH-SA-175607.html
31
/ 100
moderate-risk
Severity 22/34 · High
Exploitability 0/34 · Minimal
Exposure 9/34 · Low