CVE-2023-45213

MEDIUM

Westermo L206-f2g Firmware - Permissive CORS Policy

Title source: rule

Description

A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device.

References (1)

[Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04

Scores

CVSS v3 6.6

EPSS 0.0004

EPSS Percentile 11.2%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-942 CWE-697

Status published

Products (1)

westermo/l206-f2g_firmware 4.24

Published Feb 06, 2024

Tracked Since Feb 18, 2026