How severe is CVE-2023-48257?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Rexroth Nexo Cordless Nutrunner Nxa011s-36v (0608842011)

CVE-2023-48257

The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users…

EPSS: 0.006 (70.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Rexroth Nexo Cordless Nutrunner Nxa011s-36v (0608842011) — versions NEXO-OS V1000-Release
Rexroth Nexo Cordless Nutrunner Nxa011s-36v-b (0608842012) — versions NEXO-OS V1000-Release
Rexroth Nexo Cordless Nutrunner Nxa015s-36v (0608842001) — versions NEXO-OS V1000-Release
Rexroth Nexo Cordless Nutrunner Nxa015s-36v-b (0608842006) — versions NEXO-OS V1000-Release
Rexroth Nexo Cordless Nutrunner Nxa030s-36v (0608842002) — versions NEXO-OS V1000-Release
Rexroth Nexo Cordless Nutrunner Nxa030s-36v-b (0608842007) — versions NEXO-OS V1000-Release
Rexroth Nexo Cordless Nutrunner Nxa050s-36v (0608842003) — versions NEXO-OS V1000-Release
Rexroth Nexo Cordless Nutrunner Nxa050s-36v-b (0608842008) — versions NEXO-OS V1000-Release
Rexroth Nexo Cordless Nutrunner Nxa065s-36v (0608842013) — versions NEXO-OS V1000-Release
Rexroth Nexo Cordless Nutrunner Nxa065s-36v-b (0608842014) — versions NEXO-OS V1000-Release

Weakness classification (CWE)

CWE-1391

References

https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html (vendor-advisory)

Frequently asked questions

What is CVE-2023-48257?: CVE-2023-48257 is a high-severity vulnerability in Rexroth Nexo Cordless Nutrunner Nxa011s-36v (0608842011), classified under CWE-1391. CVSS score: 7.8/10. Published 2024-01-10.
How severe is CVE-2023-48257?: High severity. CVSS v3 base score is 7.8 out of 10.