Privilege Escalation Vulnerability in RUGGEDCOM and SCALANCE Networking Devices
CVE-2023-44374 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user allowing her to escalate her privileges.
Learn more about our User Device Pen Test.