CVE-2023-27309

Name of the Vulnerable Software and Affected Versions RUGGEDCOM CROSSBOW versions prior to V5.2

Description The issue is related to the client query handler of the secure access management system, which has inadequate authorization procedure. This could allow a remote attacker to perform unauthorized actions by exploiting the lack of proper permission checks for specific write queries.

Recommendations For versions prior to V5.2, update to version V5.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the client query handler to minimize the risk of exploitation.