CVE-2023-48431

Name of the Vulnerable Software and Affected Versions SINEC INS versions prior to V1.0 SP2 Update 2

Description A vulnerability has been identified in the affected software, where it does not correctly validate the response received by a UMC server. This can be exploited by an attacker to crash the affected software by either providing and configuring a malicious UMC server or by manipulating the traffic from a legitimate UMC server.

Recommendations For versions prior to V1.0 SP2 Update 2, update to V1.0 SP2 Update 2 or later to resolve the issue. As a temporary workaround, consider restricting access to the UMC server to minimize the risk of exploitation.