National Cyber Warfare Foundation (NCWF) Forums


CVE-2023-45851
0 user ratings		2023-10-25 20:15:39
milo
CVEs
 - archive -- 
The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker without enforcing any server authentication. 


This issue allows an attacker to force the Android Client application to connect to a malicious MQTT broker, enabling it to send fake messages to the HMI device

CVE-2023-45851
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45851
The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker without enforcing any server authentication. 


This issue allows an attacker to force the Android Client application to connect to a malicious MQTT broker, enabling it to send fake messages to the HMI device
2023-10-25T18:17:35Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45851

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
CVEs


Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.