Improper Privilege Management in SkyBridge MB-A100/110 Firmware by Seiko Solutions
CVE-2023-22361

6.5MEDIUM

Key Information:

Vendor: Seiko Solutions Inc.
Status: Skybridge Mb-a100/110
Vendor: CVE Published:; 10 May 2023

What is CVE-2023-22361?

An improper privilege management vulnerability exists in the firmware of SkyBridge MB-A100 and MB-A110 devices which can be exploited by a remote authenticated attacker. This flaw enables unauthorized changes to the WebUI password, posing a significant security risk. Users are advised to review their device configurations and apply necessary security measures to mitigate potential threats.

Affected Version(s)

SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier

References

https://www.seiko-sol.co.jp/archives/73969/

https://www.seiko-sol.co.jp/products/skybridge/skybridge_...

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 10, 2023
Vulnerability Reserved
Mar 15, 2023

Seiko Solutions Inc.

What is CVE-2023-22361?

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline