CVE-2023-49143

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-49143
Denial-of-service (DoS) vulnerability exists in rfe service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service (DoS) condition may occur.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://jvn.jp/en/jp/JVN34145838/ Third Party Advisory
https://www.electronics.jtekt.co.jp/en/topics/202312116562/ Vendor Advisory
https://jvn.jp/en/jp/JVN34145838/ Third Party Advisory
https://www.electronics.jtekt.co.jp/en/topics/202312116562/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:jtekt:gc-a22w-cw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a22w-cw:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:jtekt:gc-a24w-c\(w\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a24w-c\(w\):-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:jtekt:gc-a26w-c\(w\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a26w-c\(w\):-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:jtekt:gc-a24_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a24:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:jtekt:gc-a24-m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a24-m:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:jtekt:gc-a25_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a25:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:jtekt:gc-a26_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a26:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:jtekt:gc-a26-j2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a26-j2:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:jtekt:gc-a27-c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a27-c:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:jtekt:gc-a28-c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a28-c:-:*:*:*:*:*:*:*
History

21 Nov 2024, 08:32

Type Values Removed Values Added
References () https://jvn.jp/en/jp/JVN34145838/ - Third Party Advisory () https://jvn.jp/en/jp/JVN34145838/ - Third Party Advisory
References () https://www.electronics.jtekt.co.jp/en/topics/202312116562/ - Vendor Advisory () https://www.electronics.jtekt.co.jp/en/topics/202312116562/ - Vendor Advisory

15 Dec 2023, 13:46

Type Values Removed Values Added
First Time Jtekt gc-a24
Jtekt gc-a27-c Firmware
Jtekt
Jtekt gc-a25
Jtekt gc-a26
Jtekt gc-a26-j2
Jtekt gc-a22w-cw Firmware
Jtekt gc-a24-m Firmware
Jtekt gc-a24w-c\(w\) Firmware
Jtekt gc-a26w-c\(w\) Firmware
Jtekt gc-a26-j2 Firmware
Jtekt gc-a24w-c\(w\)
Jtekt gc-a25 Firmware
Jtekt gc-a26w-c\(w\)
Jtekt gc-a28-c
Jtekt gc-a24 Firmware
Jtekt gc-a24-m
Jtekt gc-a22w-cw
Jtekt gc-a27-c
Jtekt gc-a28-c Firmware
Jtekt gc-a26 Firmware
CPE cpe:2.3:h:jtekt:gc-a24w-c\(w\):-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a24:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:gc-a26w-c\(w\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a26-j2:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a28-c:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:gc-a27-c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a22w-cw:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a26:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:gc-a26_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a25:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:gc-a24-m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:gc-a28-c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:gc-a26-j2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a27-c:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:gc-a25_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:gc-a24w-c\(w\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:gc-a24_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:gc-a22w-cw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a24-m:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:gc-a26w-c\(w\):-:*:*:*:*:*:*:*
CWE CWE-400
References () https://jvn.jp/en/jp/JVN34145838/ - () https://jvn.jp/en/jp/JVN34145838/ - Third Party Advisory
References () https://www.electronics.jtekt.co.jp/en/topics/202312116562/ - () https://www.electronics.jtekt.co.jp/en/topics/202312116562/ - Vendor Advisory
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5

12 Dec 2023, 10:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-12-12 10:15

Updated : 2024-11-21 08:32

NVD link : CVE-2023-49143

Mitre link : CVE-2023-49143

CVE.ORG link : CVE-2023-49143

JSON object : View

Products Affected

jtekt

  • gc-a26-j2_firmware
  • gc-a27-c
  • gc-a24
  • gc-a24w-c\(w\)
  • gc-a22w-cw
  • gc-a24w-c\(w\)_firmware
  • gc-a26-j2
  • gc-a22w-cw_firmware
  • gc-a26
  • gc-a28-c
  • gc-a26_firmware
  • gc-a25_firmware
  • gc-a24-m
  • gc-a27-c_firmware
  • gc-a28-c_firmware
  • gc-a24-m_firmware
  • gc-a25
  • gc-a26w-c\(w\)
  • gc-a26w-c\(w\)_firmware
  • gc-a24_firmware
CWE
CWE-400

Uncontrolled Resource Consumption