Vulnerability Details : CVE-2023-5462
A vulnerability was found in XINJE XD5E-30R-E 3.5.3b. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Modbus Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-241585 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Vulnerability category: Denial of service
Products affected by CVE-2023-5462
- cpe:2.3:o:xinje:xd5e-30r-e_firmware:3.5.3b:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-5462
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 39 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-5462
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.1
|
MEDIUM | AV:A/AC:L/Au:N/C:N/I:N/A:C |
6.5
|
6.9
|
VulDB | |
6.5
|
MEDIUM | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
VulDB | |
6.5
|
MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
VulDB | 2024-02-29 |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2023-5462
-
The product does not release or incorrectly releases a resource before it is made available for re-use.Assigned by: cna@vuldb.com (Primary)
References for CVE-2023-5462
-
https://vuldb.com/?ctiid.241585
Login requiredPermissions Required;Third Party Advisory
-
https://drive.google.com/drive/folders/1jik8hRjD8N2IkxOHP5wsJUEya09jCv2n
XINJE PLC XD5E-30R-E Denial of Service Vulnerability - Google DrivePermissions Required
-
https://vuldb.com/?id.241585
CVE-2023-5462: XINJE XD5E-30R-E Modbus denial of serviceThird Party Advisory
Jump to