CVE-2023-41963

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Denial-of-service (DoS) vulnerability exists in FTP service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service (DoS) condition may occur.

Existe una vulnerabilidad de Denegación de Servicio (DoS) en el servicio FTP de la serie HMI GC-A2. Si un atacante remoto no autenticado envía paquetes especialmente manipulados a puertos específicos, puede producirse una condición de Denegación de Servicio (DoS).

*Credits: N/A

CVSS Scores

NISTv3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2023-11-30 CVE Reserved
2023-12-12 CVE Published
2024-08-02 CVE Updated
2024-11-11 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (2)

URL	Tag	Source
https://jvn.jp/en/jp/JVN34145838	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://www.electronics.jtekt.co.jp/en/topics/202312116562	2023-12-14

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Jtekt Search vendor "Jtekt"	Gc-a22w-cw Firmware Search vendor "Jtekt" for product "Gc-a22w-cw Firmware"	*	-	Affected	in	Jtekt Search vendor "Jtekt"	Gc-a22w-cw Search vendor "Jtekt" for product "Gc-a22w-cw"	-	-	Safe
Jtekt Search vendor "Jtekt"	Gc-a24w-c\(w\) Firmware Search vendor "Jtekt" for product "Gc-a24w-c\(w\) Firmware"	*	-	Affected	in	Jtekt Search vendor "Jtekt"	Gc-a24w-c\(w\) Search vendor "Jtekt" for product "Gc-a24w-c\(w\)"	-	-	Safe
Jtekt Search vendor "Jtekt"	Gc-a26w-c\(w\) Firmware Search vendor "Jtekt" for product "Gc-a26w-c\(w\) Firmware"	*	-	Affected	in	Jtekt Search vendor "Jtekt"	Gc-a26w-c\(w\) Search vendor "Jtekt" for product "Gc-a26w-c\(w\)"	-	-	Safe
Jtekt Search vendor "Jtekt"	Gc-a24 Firmware Search vendor "Jtekt" for product "Gc-a24 Firmware"	*	-	Affected	in	Jtekt Search vendor "Jtekt"	Gc-a24 Search vendor "Jtekt" for product "Gc-a24"	-	-	Safe
Jtekt Search vendor "Jtekt"	Gc-a24-m Firmware Search vendor "Jtekt" for product "Gc-a24-m Firmware"	*	-	Affected	in	Jtekt Search vendor "Jtekt"	Gc-a24-m Search vendor "Jtekt" for product "Gc-a24-m"	-	-	Safe
Jtekt Search vendor "Jtekt"	Gc-a25 Firmware Search vendor "Jtekt" for product "Gc-a25 Firmware"	*	-	Affected	in	Jtekt Search vendor "Jtekt"	Gc-a25 Search vendor "Jtekt" for product "Gc-a25"	-	-	Safe
Jtekt Search vendor "Jtekt"	Gc-a26 Firmware Search vendor "Jtekt" for product "Gc-a26 Firmware"	*	-	Affected	in	Jtekt Search vendor "Jtekt"	Gc-a26 Search vendor "Jtekt" for product "Gc-a26"	-	-	Safe
Jtekt Search vendor "Jtekt"	Gc-a26-j2 Firmware Search vendor "Jtekt" for product "Gc-a26-j2 Firmware"	*	-	Affected	in	Jtekt Search vendor "Jtekt"	Gc-a26-j2 Search vendor "Jtekt" for product "Gc-a26-j2"	-	-	Safe
Jtekt Search vendor "Jtekt"	Gc-a27-c Firmware Search vendor "Jtekt" for product "Gc-a27-c Firmware"	*	-	Affected	in	Jtekt Search vendor "Jtekt"	Gc-a27-c Search vendor "Jtekt" for product "Gc-a27-c"	-	-	Safe
Jtekt Search vendor "Jtekt"	Gc-a28-c Firmware Search vendor "Jtekt" for product "Gc-a28-c Firmware"	*	-	Affected	in	Jtekt Search vendor "Jtekt"	Gc-a28-c Search vendor "Jtekt" for product "Gc-a28-c"	-	-	Safe