VideoEdge config
CVE-2023-3749

7.1HIGH

Key Information:

Vendor: Sensormatic Electronics, A Subsidiary Of Johnson Controls, Inc.
Status: Videoedge
Vendor: CVE Published:; 3 August 2023

What is CVE-2023-3749?

A vulnerability in the VideoEdge product allows a local user to directly edit the configuration file, which can compromise the operation and security of the system. This manipulation can lead to unauthorized changes that may affect the overall integrity of VideoEdge's functionality.

Affected Version(s)

VideoEdge 0 < 6.1.1

References

https://www.johnsoncontrols.com/cyber-solutions/security-...

https://www.cisa.gov/news-events/ics-advisories/icsa-23-2...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 3, 2023
Vulnerability Reserved
Jul 18, 2023

Sensormatic Electronics, A Subsidiary Of Johnson Controls, Inc.

What is CVE-2023-3749?

Affected Version(s)

References

CVSS V3.1

Timeline