How severe is CVE-2023-26979?

This vulnerability has a severity rating of LOW with a CVSS score of 3.1 out of 10.

What type of vulnerability is CVE-2023-26979?

This is classified as CWE-924, which is a common weakness in software security.

CVE-2023-26979

LOW Year: 2023

CVSS v3 Score

3.1

Low

Weakness Type

CWE-924

View all →

Vulnerability Description

Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to decrease or increase the intensity of the stimulator by hijacking the BLE communication.

CVE-2021-3716

LOW

CVSS:3.1(Low)

A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY befo...

CWE-9242021

CVE-2020-10635

MEDIUM

CVSS:4.3(Medium)

Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the model in plaintext.

CWE-9242020

CVE-2024-52288

MEDIUM

CVSS:5.1(Medium)

libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised Device Protocol) and provides a C library with support for C++, Rust and Python3. In affected versions an unexpected `REPLY_CCRYPT`...

CWE-9242024

CVE-2020-5869

CRITICAL

CVSS:9.1(Critical)

In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-path attackers to read / modify confidential data in transit.

CWE-9242020

CVE-2024-44730

CRITICAL

CVSS:9.1(Critical)

Incorrect access control in the function handleDataChannelChat(dataMessage) of Mirotalk before commit c21d58 allows attackers to forge chat messages using an arbitrary sender name.

CWE-9242024

CVE-2025-0592

HIGH

CVSS:8.8(High)

The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by manipulating the firmware file and uploading it to the device.

CWE-9242025