CVE-2023-5347
Unauthenticated Firmware Upgrade
Severity Score
9.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
Una vulnerabilidad de verificación incorrecta de la firma criptográfica en el proceso de actualización de Korenix JetNet Series permite reemplazar todo el sistema operativo, incluidos los ejecutables confiables. Este problema afecta a los dispositivos JetNet anteriores a la versión de firmware 2024/01.
Korenix JetNet Series allows TFTP without authentication and also allows for unauthenticated firmware upgrades.
*Credits:
S. Dietz (CyberDanube)
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-10-03 CVE Reserved
- 2024-01-09 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2024-11-04 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-347: Improper Verification of Cryptographic Signature
CAPEC
- CAPEC-552: Install Rootkit
- CAPEC-558: Replace Trusted Executable
- CAPEC-642: Replace Binaries
References (4)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.beijerelectronics.com/en/support/Help___online?docId=69947 | 2024-01-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Korenix Search vendor "Korenix" | Jetnet 5310g Firmware Search vendor "Korenix" for product "Jetnet 5310g Firmware" | 2.6 Search vendor "Korenix" for product "Jetnet 5310g Firmware" and version "2.6" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 5310g Search vendor "Korenix" for product "Jetnet 5310g" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508 Firmware Search vendor "Korenix" for product "Jetnet 4508 Firmware" | 2.3 Search vendor "Korenix" for product "Jetnet 4508 Firmware" and version "2.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508 Search vendor "Korenix" for product "Jetnet 4508" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508i-w Firmware Search vendor "Korenix" for product "Jetnet 4508i-w Firmware" | 1.3 Search vendor "Korenix" for product "Jetnet 4508i-w Firmware" and version "1.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508i-w Search vendor "Korenix" for product "Jetnet 4508i-w" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508-w Firmware Search vendor "Korenix" for product "Jetnet 4508-w Firmware" | 2.3 Search vendor "Korenix" for product "Jetnet 4508-w Firmware" and version "2.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508-w Search vendor "Korenix" for product "Jetnet 4508-w" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508if-s Firmware Search vendor "Korenix" for product "Jetnet 4508if-s Firmware" | 1.3 Search vendor "Korenix" for product "Jetnet 4508if-s Firmware" and version "1.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508if-s Search vendor "Korenix" for product "Jetnet 4508if-s" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508if-m Firmware Search vendor "Korenix" for product "Jetnet 4508if-m Firmware" | 1.3 Search vendor "Korenix" for product "Jetnet 4508if-m Firmware" and version "1.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508if-m Search vendor "Korenix" for product "Jetnet 4508if-m" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508if-sw Firmware Search vendor "Korenix" for product "Jetnet 4508if-sw Firmware" | 1.3 Search vendor "Korenix" for product "Jetnet 4508if-sw Firmware" and version "1.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508if-sw Search vendor "Korenix" for product "Jetnet 4508if-sw" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508if-mw Firmware Search vendor "Korenix" for product "Jetnet 4508if-mw Firmware" | 1.3 Search vendor "Korenix" for product "Jetnet 4508if-mw Firmware" and version "1.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508if-mw Search vendor "Korenix" for product "Jetnet 4508if-mw" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508f-m Firmware Search vendor "Korenix" for product "Jetnet 4508f-m Firmware" | 2.3 Search vendor "Korenix" for product "Jetnet 4508f-m Firmware" and version "2.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508f-m Search vendor "Korenix" for product "Jetnet 4508f-m" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508f-s Firmware Search vendor "Korenix" for product "Jetnet 4508f-s Firmware" | 2.3 Search vendor "Korenix" for product "Jetnet 4508f-s Firmware" and version "2.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508f-s Search vendor "Korenix" for product "Jetnet 4508f-s" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508f-mw Firmware Search vendor "Korenix" for product "Jetnet 4508f-mw Firmware" | 2.3 Search vendor "Korenix" for product "Jetnet 4508f-mw Firmware" and version "2.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508f-mw Search vendor "Korenix" for product "Jetnet 4508f-mw" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 4508f-sw Firmware Search vendor "Korenix" for product "Jetnet 4508f-sw Firmware" | 2.3 Search vendor "Korenix" for product "Jetnet 4508f-sw Firmware" and version "2.3" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 4508f-sw Search vendor "Korenix" for product "Jetnet 4508f-sw" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 5620g-4c Firmware Search vendor "Korenix" for product "Jetnet 5620g-4c Firmware" | 1.1 Search vendor "Korenix" for product "Jetnet 5620g-4c Firmware" and version "1.1" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 5620g-4c Search vendor "Korenix" for product "Jetnet 5620g-4c" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 5612gp-4f Firmware Search vendor "Korenix" for product "Jetnet 5612gp-4f Firmware" | 1.2 Search vendor "Korenix" for product "Jetnet 5612gp-4f Firmware" and version "1.2" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 5612gp-4f Search vendor "Korenix" for product "Jetnet 5612gp-4f" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 5612g-4f Firmware Search vendor "Korenix" for product "Jetnet 5612g-4f Firmware" | 1.2 Search vendor "Korenix" for product "Jetnet 5612g-4f Firmware" and version "1.2" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 5612g-4f Search vendor "Korenix" for product "Jetnet 5612g-4f" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 5728g-24p-ac-2dc-us Firmware Search vendor "Korenix" for product "Jetnet 5728g-24p-ac-2dc-us Firmware" | 2.1 Search vendor "Korenix" for product "Jetnet 5728g-24p-ac-2dc-us Firmware" and version "2.1" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 5728g-24p-ac-2dc-us Search vendor "Korenix" for product "Jetnet 5728g-24p-ac-2dc-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 5728g-24p-ac-2dc-eu Firmware Search vendor "Korenix" for product "Jetnet 5728g-24p-ac-2dc-eu Firmware" | 2.1 Search vendor "Korenix" for product "Jetnet 5728g-24p-ac-2dc-eu Firmware" and version "2.1" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 5728g-24p-ac-2dc-eu Search vendor "Korenix" for product "Jetnet 5728g-24p-ac-2dc-eu" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6528gf-2ac-eu Firmware Search vendor "Korenix" for product "Jetnet 6528gf-2ac-eu Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6528gf-2ac-eu Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6528gf-2ac-eu Search vendor "Korenix" for product "Jetnet 6528gf-2ac-eu" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6528gf-2ac-us Firmware Search vendor "Korenix" for product "Jetnet 6528gf-2ac-us Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6528gf-2ac-us Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6528gf-2ac-us Search vendor "Korenix" for product "Jetnet 6528gf-2ac-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6528gf-2dc24 Firmware Search vendor "Korenix" for product "Jetnet 6528gf-2dc24 Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6528gf-2dc24 Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6528gf-2dc24 Search vendor "Korenix" for product "Jetnet 6528gf-2dc24" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6528gf-2dc48 Firmware Search vendor "Korenix" for product "Jetnet 6528gf-2dc48 Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6528gf-2dc48 Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6528gf-2dc48 Search vendor "Korenix" for product "Jetnet 6528gf-2dc48" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6528gf-ac-eu Firmware Search vendor "Korenix" for product "Jetnet 6528gf-ac-eu Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6528gf-ac-eu Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6528gf-ac-eu Search vendor "Korenix" for product "Jetnet 6528gf-ac-eu" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6528gf-ac-us Firmware Search vendor "Korenix" for product "Jetnet 6528gf-ac-us Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6528gf-ac-us Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6528gf-ac-us Search vendor "Korenix" for product "Jetnet 6528gf-ac-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6628xp-4f-us Firmware Search vendor "Korenix" for product "Jetnet 6628xp-4f-us Firmware" | 1.1 Search vendor "Korenix" for product "Jetnet 6628xp-4f-us Firmware" and version "1.1" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6628xp-4f-us Search vendor "Korenix" for product "Jetnet 6628xp-4f-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6628x-4f-eu Firmware Search vendor "Korenix" for product "Jetnet 6628x-4f-eu Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6628x-4f-eu Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6628x-4f-eu Search vendor "Korenix" for product "Jetnet 6628x-4f-eu" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6728g-24p-ac-2dc-us Firmware Search vendor "Korenix" for product "Jetnet 6728g-24p-ac-2dc-us Firmware" | 1.1 Search vendor "Korenix" for product "Jetnet 6728g-24p-ac-2dc-us Firmware" and version "1.1" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6728g-24p-ac-2dc-us Search vendor "Korenix" for product "Jetnet 6728g-24p-ac-2dc-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6728g-24p-ac-2dc-eu Firmware Search vendor "Korenix" for product "Jetnet 6728g-24p-ac-2dc-eu Firmware" | 1.1 Search vendor "Korenix" for product "Jetnet 6728g-24p-ac-2dc-eu Firmware" and version "1.1" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6728g-24p-ac-2dc-eu Search vendor "Korenix" for product "Jetnet 6728g-24p-ac-2dc-eu" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6828gf-2dc48 Firmware Search vendor "Korenix" for product "Jetnet 6828gf-2dc48 Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6828gf-2dc48 Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6828gf-2dc48 Search vendor "Korenix" for product "Jetnet 6828gf-2dc48" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6828gf-2dc24 Firmware Search vendor "Korenix" for product "Jetnet 6828gf-2dc24 Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6828gf-2dc24 Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6828gf-2dc24 Search vendor "Korenix" for product "Jetnet 6828gf-2dc24" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6828gf-ac-dc24-us Firmware Search vendor "Korenix" for product "Jetnet 6828gf-ac-dc24-us Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6828gf-ac-dc24-us Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6828gf-ac-dc24-us Search vendor "Korenix" for product "Jetnet 6828gf-ac-dc24-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6828gf-2ac-us Firmware Search vendor "Korenix" for product "Jetnet 6828gf-2ac-us Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6828gf-2ac-us Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6828gf-2ac-us Search vendor "Korenix" for product "Jetnet 6828gf-2ac-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6828gf-ac-us Firmware Search vendor "Korenix" for product "Jetnet 6828gf-ac-us Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6828gf-ac-us Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6828gf-ac-us Search vendor "Korenix" for product "Jetnet 6828gf-ac-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6828gf-2ac-au Firmware Search vendor "Korenix" for product "Jetnet 6828gf-2ac-au Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6828gf-2ac-au Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6828gf-2ac-au Search vendor "Korenix" for product "Jetnet 6828gf-2ac-au" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6828gf-ac-dc24-eu Firmware Search vendor "Korenix" for product "Jetnet 6828gf-ac-dc24-eu Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6828gf-ac-dc24-eu Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6828gf-ac-dc24-eu Search vendor "Korenix" for product "Jetnet 6828gf-ac-dc24-eu" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6828gf-2ac-eu Firmware Search vendor "Korenix" for product "Jetnet 6828gf-2ac-eu Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6828gf-2ac-eu Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6828gf-2ac-eu Search vendor "Korenix" for product "Jetnet 6828gf-2ac-eu" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 6910g-m12 Hvdc Firmware Search vendor "Korenix" for product "Jetnet 6910g-m12 Hvdc Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 6910g-m12 Hvdc Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 6910g-m12 Hvdc Search vendor "Korenix" for product "Jetnet 6910g-m12 Hvdc" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 7310g-v2 Firmware Search vendor "Korenix" for product "Jetnet 7310g-v2 Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 7310g-v2 Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 7310g-v2 Search vendor "Korenix" for product "Jetnet 7310g-v2" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 7628xp-4f-us Firmware Search vendor "Korenix" for product "Jetnet 7628xp-4f-us Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 7628xp-4f-us Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 7628xp-4f-us Search vendor "Korenix" for product "Jetnet 7628xp-4f-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 7628xp-4f-us Firmware Search vendor "Korenix" for product "Jetnet 7628xp-4f-us Firmware" | 1.1 Search vendor "Korenix" for product "Jetnet 7628xp-4f-us Firmware" and version "1.1" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 7628xp-4f-us Search vendor "Korenix" for product "Jetnet 7628xp-4f-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 7628xp-4f-eu Firmware Search vendor "Korenix" for product "Jetnet 7628xp-4f-eu Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 7628xp-4f-eu Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 7628xp-4f-eu Search vendor "Korenix" for product "Jetnet 7628xp-4f-eu" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 7628xp-4f-eu Firmware Search vendor "Korenix" for product "Jetnet 7628xp-4f-eu Firmware" | 1.1 Search vendor "Korenix" for product "Jetnet 7628xp-4f-eu Firmware" and version "1.1" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 7628xp-4f-eu Search vendor "Korenix" for product "Jetnet 7628xp-4f-eu" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 7628x-4f-us Firmware Search vendor "Korenix" for product "Jetnet 7628x-4f-us Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 7628x-4f-us Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 7628x-4f-us Search vendor "Korenix" for product "Jetnet 7628x-4f-us" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 7628x-4f-eu Firmware Search vendor "Korenix" for product "Jetnet 7628x-4f-eu Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 7628x-4f-eu Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 7628x-4f-eu Search vendor "Korenix" for product "Jetnet 7628x-4f-eu" | - | - |
Safe
|
| Korenix Search vendor "Korenix" | Jetnet 7714g-m12 Hvdc Firmware Search vendor "Korenix" for product "Jetnet 7714g-m12 Hvdc Firmware" | 1.0 Search vendor "Korenix" for product "Jetnet 7714g-m12 Hvdc Firmware" and version "1.0" | - |
Affected
| in | Korenix Search vendor "Korenix" | Jetnet 7714g-m12 Hvdc Search vendor "Korenix" for product "Jetnet 7714g-m12 Hvdc" | - | - |
Safe
|