Securepoint UTM (CVE-2023-22620, CVE-2023-22897) - Vulnerability Database

Securepoint UTM (CVE-2023-22620, CVE-2023-22897)

Description

Securepoint UTM has two vulnerabilities that allow an unauthenticated attacker to bypass authentication and compomise the system.

Remediation

Upgrade to the latest version of Securepoint UTM.

References

Securepoint UTM changelog

SecurePwn Part 1: Bypassing SecurePoint UTM’s Authentication (CVE-2023-22620)

SecurePwn Part 2: Leaking Remote Memory Contents (CVE-2023-22897)

Related Vulnerabilities

Severity

High

Classification

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Authentication Bypass

Known Vulnerabilities