CVE-2023-28002

MEDIUM Year: 2023
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-354
View all →

Vulnerability Description

An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place.

Related Vulnerabilities

CVE-2024-47935

MEDIUM
CVSS:6.7(Medium)

Improper Validation of Integrity Check Value vulnerability in TXOne Networks StellarProtect (Legacy Mode), StellarEnforce, and Safe Lock allows an attacker to escalate their privileges in the victim’s...

CWE-3542024

CVE-2020-28656

MEDIUM
CVSS:6.8(Medium)

The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019 vehicles allows physically proximate attackers to execute arbitrary code because some unsigned parts of a met...

CWE-3542020

CVE-2020-5637

MEDIUM
CVSS:6.8(Medium)

Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program.

CWE-3542020

CVE-2020-9118

MEDIUM
CVSS:6.8(Medium)

There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacke...

CWE-3542020

CVE-2020-9210

MEDIUM
CVSS:6.8(Medium)

There is an insufficient integrity vulnerability in Huawei products. A module does not perform sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically ...

CWE-3542020

CVE-2022-30316

MEDIUM
CVSS:6.8(Medium)

Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware up...

CWE-3542022