{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T03:53:57.489","vulnerabilities":[{"cve":{"id":"CVE-2023-41255","sourceIdentifier":"psirt@bosch.com","published":"2023-10-25T18:17:30.737","lastModified":"2024-11-21T08:20:55.553","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of authentication \r\nof the ‘su’ binary file installed on the device that can be accessed through the ADB (Android Debug Bridge) protocol  exposed on the network."},{"lang":"es","value":"La vulnerabilidad permite a un usuario sin privilegios con acceso a la subred del dispositivo TPC-110W obtener un shell raíz en el dispositivo abusando de la falta de autenticación del archivo binario 'su' instalado en el dispositivo al que se puede acceder a través del protocolo ADB (Android Debug Bridge) expuesto en la red."}],"metrics":{"cvssMetricV31":[{"source":"psirt@bosch.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@bosch.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2107_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"7FFA1309-DBEE-46F1-B6FD-DAE896180411"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2107:-:*:*:*:*:*:*:*","matchCriteriaId":"87C129B8-F100-4D3A-97BC-BAD9A4129F9D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2110_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"FD47D2E3-F53F-4CE8-BEF7-76F78AEBAF5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2110:-:*:*:*:*:*:*:*","matchCriteriaId":"326E80AA-C9B4-4BF1-AA2B-98A3802A72C9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2115_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"4CA92486-EEBE-42FD-9755-006B7F2DF361"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2115:-:*:*:*:*:*:*:*","matchCriteriaId":"167C9BC4-FCC5-4FAF-8F75-F967C77400A7"}]}]}],"references":[{"url":"https://psirt.bosch.com/security-advisories/BOSCH-SA-175607.html","source":"psirt@bosch.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://psirt.bosch.com/security-advisories/BOSCH-SA-175607.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]}]}}]}