Privilege Escalation Vulnerability in RUGGEDCOM and SCALANCE Networking Devices

Privilege Escalation Vulnerability in RUGGEDCOM and SCALANCE Networking Devices

CVE-2023-44374 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user allowing her to escalate her privileges.

Learn more about our User Device Pen Test.