We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-33379



Assignermitre
Reserved2023-05-22
Published2023-08-04
Updated2024-10-17

Description

Connected IO v2.1.0 and prior has a misconfiguration in their MQTT broker used for management and device communication, which allows devices to connect to the broker and issue commands to other device, impersonating Connected IO management platform and sending commands to all of Connected IO's devices.

References

https://www.connectedio.com/products/routers

https://claroty.com/team82/disclosure-dashboard/cve-2023-33379

cve.org CVE-2023-33379

nvd.nist.gov CVE-2023-33379

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.