CVE-2023-34673
Published: 23 June 2023
Summary
CVE-2023-34673 is a medium-severity an unspecified weakness vulnerability in Elenos Etg150 Firmware. Its CVSS base score is 6.5 (Medium).
Operationally, ranked at the 30.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-38715
Vulnerability details
Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the public Internet in some cases.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.