CVE-2023-37373

Name of the Vulnerable Software and Affected Versions RUGGEDCOM CROSSBOW versions prior to V5.4

Description A vulnerability has been identified that allows unauthenticated remote attackers to write arbitrary files to the affected application's file system due to the lack of authentication for a critical function. This issue is related to the secure access control system of RUGGEDCOM CROSSBOW.

Recommendations For versions prior to V5.4, update to version V5.4 or later to resolve the issue. As a temporary workaround, consider restricting access to critical functions that accept file write messages to prevent exploitation.