CVE-2023-4929
high-risk
Published 2023-10-03
All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.
Do I need to act?
-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10
Medium
NETWORK
/ LOW complexity
Affected Products (20)
Nport 5150Ai-M12-Ct-T Firmware
Nport 5250Ai-M12-Ct-T Firmware
Nport 5150Ai-M12-T Firmware
Nport 5250Ai-M12-T Firmware
Nport 5450Ai-M12-Ct-T Firmware
Nport 5150Ai-M12 Firmware
Nport 5250Ai-M12 Firmware
Nport 5150Ai-M12-Ct Firmware
Nport 5250Ai-M12-Ct Firmware
Nport 5450Ai-M12-T Firmware
Nport 5450Ai-M12 Firmware
Nport 5450Ai-M12-Ct Firmware
Nport 5130 Firmware
Nport 5150 Firmware
Nport 5110 Firmware
Nport 5110-T Firmware
Nport 5110A Firmware
Nport 5110A-T Firmware
Nport 5130A Firmware
Nport 5130A-T Firmware
Affected Vendors
References (2)
54
/ 100
high-risk
Severity
24/34 · High
Exploitability
0/34 · Minimal
Exposure
30/34 · Critical