CVE-2023-47262

low-risk

Published 2023-11-14

The startup process and device configurations of the Abbott ID NOW device, before v7.1, can be interrupted and/or modified via physical access to an internal serial port. Direct physical access is required to exploit.

Do I need to act?

0.09% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.2/10 Medium

PHYSICAL / LOW complexity

Affected Products (1)

Id Now Firmware

Affected Vendors

Abbott

References (4)

Vendor Advisory https://www.cybersecurity.abbott/home/product-advisories.html

Mitigation https://www.cybersecurity.abbott/home/product-advisories/id-now.html

Vendor Advisory https://www.cybersecurity.abbott/home/product-advisories.html

Mitigation https://www.cybersecurity.abbott/home/product-advisories/id-now.html

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal