CVE-2023-27462

Name of the Vulnerable Software and Affected Versions RUGGEDCOM CROSSBOW versions prior to V5.3

Description A vulnerability has been identified in the client query handler of the affected application, which fails to check for proper permissions for specific read queries. This could allow authenticated remote attackers to access data they are not authorized for. The issue is related to shortcomings in the authorization procedure, which may enable a remote attacker to gain unauthorized access to protected information.

Recommendations For versions prior to V5.3, update to version V5.3 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and implementing additional authorization checks to minimize the risk of exploitation.