CVE Catalog

CVE-2023-4546

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
1.14%

62th percentile — higher than 62% of all known CVEs

Summary

A vulnerability was found in Byzoro Smart S85F Management Platform up to version 20230816, concerning an unknown functionality of the file /sysmanage/licence.php. Manipulation of this functionality leads to improper access controls.

Risk Assessment

This vulnerability may be exploited by third parties, posing a risk of unauthorized access to the system. The public disclosure of the exploit increases the likelihood of attacks.

Recommendation

It is recommended to update the platform to the latest version to mitigate this vulnerability and to monitor the system for unauthorized activities.

Original NVD description (English source)

A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230816. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /sysmanage/licence.php. The manipulation leads to improper access controls. The exploit has been disclosed to the public and may be used. The identifier VDB-238057 was assigned to this vulnerability.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS