CVE-2023-32233
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged...
Description
ABB is aware of public reports of a vulnerabilities in product versions listed as affected in this advisory. An attacker who successfully exploited these vulnerabilities could cause the product to stop, make the product inacces-sible, take remote control of the product or insert and run arbitrary code. As part of ABB product lifecycle policy, once a product transitions to end-of-life, we discontinue maintenance, security patches, and technical support to focus on current and future technologies. While the product will continue to function, we strongly recommend implementing mitigations defined in this document, such as using a private APN cellular network between Arctic wireless gateways and ARM600 for establishing VPN tunnels, to mitigate security risks and avoid potential vulnerabilities. As part of ABB product lifecycle policy, once a product transitions to Limited state, we discontinue maintenance, security patches, and technical support to focus on current and future technologies. While the product will continue to function, we strongly recommend implementing mitigations defined in this document to mitigate security risks.
CVSS Vector Breakdown
AV:LAttack VectorAC:LAttack ComplexityPR:LPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:HIntegrityA:HAvailabilityWeaknesses
Affected Products
Attack Graph
Click technique nodes to view MITRE ATT&CK details. Scroll to zoom, drag to pan.
Exploitability
Exploit details including PoC links, Metasploit modules, and scanner templates are available after registration.
View exploit detailsMITRE ATT&CK
2 techniquesReferences
Timeline
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2023-32233 and every CVE in our database. Create a free account — no credit card required.
Create Free Account