CVE-2023-27921
MEDIUMJINS MEME CORE Firmware < 2.3.0 - Use of Hard-coded Cryptographic Key
Title source: llmDescription
JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may lead to data acquired by a sensor of the affected product being decrypted by a network-adjacent attacker.
References (2)
Core 2
Core References
Release Notes
https://jinsmeme.com/media/2023-04-fwapp2
Third Party Advisory
https://jvn.jp/en/jp/JVN13306058/
Scores
CVSS v3
6.5
EPSS
0.0028
EPSS Percentile
19.5%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-798
Status
published
Products (1)
jins/jins_meme_firmware
< 2.3.0
Published
May 23, 2023
Tracked Since
Feb 18, 2026