CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-6355
https://notcve.org/view.php?id=CVE-2023-6355
Incorrect selection of fuse values in the Controller 7000 platform allows an attacker to bypass some protection mechanisms to enable local debug. This issue affects: Gallagher Controller 7000 9.00 prior to vCR9.00.231204b (distributed in 9.00.1507 (MR1)), 8.90 prior to vCR8.90.231204a (distributed in 8.90.1620 (MR2)), 8.80 prior to vCR8.80.231204a (distributed in 8.80.1369 (MR3)), 8.70 prior to vCR8.70.231204a (distributed in 8.70.2375 (MR5)). La selección incorrecta de valores de fusibles en la plataforma Controller 7000 permite a un atacante eludir algunos mecanismos de protección para habilitar la depuración local. Este problema afecta a: Gallagher Controller 7000 9.00 anterior a vCR9.00.231204b (distribuido en 9.00.1507 (MR1)), 8.90 anterior a vCR8.90.231204a (distribuido en 8.90.1620 (MR2)), 8.80 anterior a vCR8.80.231204a (distribuido en 8.80.1369 (MR3)), 8.70 antes de vCR8.70.231204a (distribuido en 8.70.2375 (MR5)). • https://security.gallagher.com/Security-Advisories/CVE-2023-6355 • CWE-863: Incorrect Authorization CWE-1253: Incorrect Selection of Fuse Values •