VideoEdge config
CVE-2023-3749

7.1HIGH

Key Information:

Vendor

Sensormatic Electronics, A Subsidiary Of Johnson Controls, Inc.

Status
Videoedge
Vendor
CVE Published:
3 August 2023

What is CVE-2023-3749?

A vulnerability in the VideoEdge product allows a local user to directly edit the configuration file, which can compromise the operation and security of the system. This manipulation can lead to unauthorized changes that may affect the overall integrity of VideoEdge's functionality.

Affected Version(s)

VideoEdge 0 < 6.1.1

References

https://www.johnsoncontrols.com/cyber-solutions/security-...
https://www.cisa.gov/news-events/ics-advisories/icsa-23-2...

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.