PT-2023-19710 · Array Networks · Vxag+1

Published

2023-02-03

Updated

2025-03-26

CVE-2023-24613

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Array Networks AG Series and vxAG versions 9.4.0.470 and earlier

Description The user interface of Array Networks AG Series and vxAG could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to cause a denial of service attack.

Recommendations For Array Networks AG Series and vxAG versions 9.4.0.470 and earlier, update to version 9.4.0.481 to resolve the issue. As a temporary workaround, consider restricting access to the system with administrator privileges to minimize the risk of exploitation.

Fix

DoS

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2023-24613

Affected Products

Array Networks Ag Series

Vxag

PT-2023-19710 · Array Networks · Vxag+1

CVE-2023-24613

Weakness Enumeration

Related Identifiers

Affected Products

References · 7