What is CVE-2023-32347?

CVE-2023-32347 is a high-severity vulnerability in Teltonika Remote Management System, classified under Improper Authentication. CVSS score: 8.1/10. Published 2023-05-22.

How severe is CVE-2023-32347?

High severity. CVSS v3 base score is 8.1 out of 10.

Auth bypass in Teltonika Remote Management System

CVE-2023-32347

Teltonika’s Remote Management System versions prior to 4.10.0 use device serial numbers and MAC addresses to identify devices from the user perspective for device claiming and from the device perspective for authentication. If an attacker…

Vulnerability class: Broken Authentication

EPSS: 0.006 (69.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H.

Affected products

Teltonika Remote Management System — versions 0

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

www.cisa.gov/news-events/ics-advisories/icsa-23-131-08 (government-resource)

Frequently asked questions

What is CVE-2023-32347?: CVE-2023-32347 is a high-severity vulnerability in Teltonika Remote Management System, classified under Improper Authentication. CVSS score: 8.1/10. Published 2023-05-22.
How severe is CVE-2023-32347?: High severity. CVSS v3 base score is 8.1 out of 10.