Security Advisory

CVE-2023-36669

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-18 00:00:00

Last updated 2024-10-28 18:19:59

Assigner mitre

State PUBLISHED

Description

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit (TPU) within the IDU by sending crafted TCP requests to the IDU.

← Browse all CVEs View on cve.org ↗