CVE-2023-38555
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Authentication bypass vulnerability in Fujitsu network devices Si-R series and SR-M series allows a network-adjacent unauthenticated attacker to obtain, change, and/or reset configuration settings of the affected products. Affected products and versions are as follows: Si-R 30B all versions, Si-R 130B all versions, Si-R 90brin all versions, Si-R570B all versions, Si-R370B all versions, Si-R220D all versions, Si-R G100 V02.54 and earlier, Si-R G200 V02.54 and earlier, Si-R G100B V04.12 and earlier, Si-R G110B V04.12 and earlier, Si-R G200B V04.12 and earlier, Si-R G210 V20.52 and earlier, Si-R G211 V20.52 and earlier, Si-R G120 V20.52 and earlier, Si-R G121 V20.52 and earlier, and SR-M 50AP1 all versions.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-07-20 CVE Reserved
- 2023-07-26 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-27 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://jvn.jp/en/vu/JVNVU96643580 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.fujitsu.com/jp/products/network/support/2023/fjlan-01 | 2023-08-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Fujitsu Search vendor "Fujitsu" | Si-r 30b Firmware Search vendor "Fujitsu" for product "Si-r 30b Firmware" | * | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r 30b Search vendor "Fujitsu" for product "Si-r 30b" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r 130b Firmware Search vendor "Fujitsu" for product "Si-r 130b Firmware" | * | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r 130b Search vendor "Fujitsu" for product "Si-r 130b" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r 90brin Firmware Search vendor "Fujitsu" for product "Si-r 90brin Firmware" | * | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r 90brin Search vendor "Fujitsu" for product "Si-r 90brin" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r570b Firmware Search vendor "Fujitsu" for product "Si-r570b Firmware" | * | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r570b Search vendor "Fujitsu" for product "Si-r570b" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r370b Firmware Search vendor "Fujitsu" for product "Si-r370b Firmware" | * | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r370b Search vendor "Fujitsu" for product "Si-r370b" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r220d Firmware Search vendor "Fujitsu" for product "Si-r220d Firmware" | * | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r220d Search vendor "Fujitsu" for product "Si-r220d" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r G100 Firmware Search vendor "Fujitsu" for product "Si-r G100 Firmware" | <= 02.54 Search vendor "Fujitsu" for product "Si-r G100 Firmware" and version " <= 02.54" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r G100 Search vendor "Fujitsu" for product "Si-r G100" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r G200 Firmware Search vendor "Fujitsu" for product "Si-r G200 Firmware" | <= 02.54 Search vendor "Fujitsu" for product "Si-r G200 Firmware" and version " <= 02.54" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r G200 Search vendor "Fujitsu" for product "Si-r G200" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r G100b Firmware Search vendor "Fujitsu" for product "Si-r G100b Firmware" | <= 04.12 Search vendor "Fujitsu" for product "Si-r G100b Firmware" and version " <= 04.12" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r G100b Search vendor "Fujitsu" for product "Si-r G100b" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r G110b Firmware Search vendor "Fujitsu" for product "Si-r G110b Firmware" | <= 04.12 Search vendor "Fujitsu" for product "Si-r G110b Firmware" and version " <= 04.12" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r G110b Search vendor "Fujitsu" for product "Si-r G110b" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r G200b Firmware Search vendor "Fujitsu" for product "Si-r G200b Firmware" | <= 04.12 Search vendor "Fujitsu" for product "Si-r G200b Firmware" and version " <= 04.12" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r G200b Search vendor "Fujitsu" for product "Si-r G200b" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r G210 Firmware Search vendor "Fujitsu" for product "Si-r G210 Firmware" | <= 20.52 Search vendor "Fujitsu" for product "Si-r G210 Firmware" and version " <= 20.52" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r G210 Search vendor "Fujitsu" for product "Si-r G210" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r G211 Firmware Search vendor "Fujitsu" for product "Si-r G211 Firmware" | <= 20.52 Search vendor "Fujitsu" for product "Si-r G211 Firmware" and version " <= 20.52" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r G211 Search vendor "Fujitsu" for product "Si-r G211" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r G120 Firmware Search vendor "Fujitsu" for product "Si-r G120 Firmware" | <= 20.52 Search vendor "Fujitsu" for product "Si-r G120 Firmware" and version " <= 20.52" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r G120 Search vendor "Fujitsu" for product "Si-r G120" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Si-r G121 Firmware Search vendor "Fujitsu" for product "Si-r G121 Firmware" | <= 20.52 Search vendor "Fujitsu" for product "Si-r G121 Firmware" and version " <= 20.52" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Si-r G121 Search vendor "Fujitsu" for product "Si-r G121" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | Sr-m 50ap1 Firmware Search vendor "Fujitsu" for product "Sr-m 50ap1 Firmware" | * | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | Sr-m 50ap1 Search vendor "Fujitsu" for product "Sr-m 50ap1" | - | - |
Safe
|