Vulnerability Details : CVE-2023-41963
Denial-of-service (DoS) vulnerability exists in FTP service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service (DoS) condition may occur.
Vulnerability category: Denial of service
Products affected by CVE-2023-41963
- cpe:2.3:o:jtekt:gc-a22w-cw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:jtekt:gc-a24w-c\(w\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:jtekt:gc-a26w-c\(w\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:jtekt:gc-a24_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:jtekt:gc-a24-m_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:jtekt:gc-a25_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:jtekt:gc-a26_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:jtekt:gc-a26-j2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:jtekt:gc-a27-c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:jtekt:gc-a28-c_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-41963
0.57%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 67 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-41963
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2023-41963
-
The product does not properly control the allocation and maintenance of a limited resource.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-41963
-
https://jvn.jp/en/jp/JVN34145838/
JVN#34145838: Multiple denial-of-service (DoS) vulnerabilities in JTEKT ELECTRONICS HMI GC-A2 seriesThird Party Advisory
-
https://www.electronics.jtekt.co.jp/en/topics/202312116562/
[Update notice] HMI GC-A2 series|JTEKT ELECTRONICS CORPORATIONVendor Advisory
Jump to