CVE-2023-1285
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-1285
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are "16" allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in Ethernet communication by sending a large number of specially crafted packets to any UDP port when GC-ENET-COM is configured as a Modbus TCP Server. The communication resumes only when the power of the main unit is turned off and on or when the GC-ENET-COM is hot-swapped from the main unit.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
信号处理例程中的竞争条件
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mitsubishi Electric GC-ENET-COM 竞争条件问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mitsubishi Electric GC-ENET-COM是日本三菱电机(Mitsubishi Electric)公司的一个图形操作控制器。 Mitsubishi Electric GC-ENET-COM存在安全漏洞,该漏洞源于存在竞争条件漏洞,允许远程未经身份验证的攻击者在以太网通信中造成拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Mitsubishi Electric India | GC-ENET-COM | SN:16XXXXXXXXX | - |
II. Public POCs for CVE-2023-1285
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-1285
请登录查看更多情报信息。
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-15government-resource
- https://nvd.nist.gov/vuln/detail/CVE-2023-1285
IV. Related Vulnerabilities
Same weakness: CWE-364
- CVE-2025-4598
Systemd-coredump: race condition that allows a local attacke - CVE-2024-6409
Openssh: possible remote code execution due to a race condit - CVE-2024-6387
Openssh: regresshion - race condition in ssh allows rce/dos - CVE-2023-5676
Eclipse OpenJ9 possible infinite busy hang - CVE-2020-14317
Red Hat Wildfly 安全漏洞
V. Comments for CVE-2023-1285
No comments yet