Vendor
critical
advisory
Critical RCE Vulnerability in X-Rite MA-T6 Devices (CVE-2023-49900)
2 TTPs 1 CVEAn unauthenticated remote attacker can achieve critical remote code execution in X-Rite MA-T6 devices running versions prior to v2.33 due to improper input sanitization in the `SetParameter` command, allowing for OS command injection via CVE-2023-49900.
MA-T6
rce
command-injection
os-command-injection
firmware
iot
2t
1c
critical
advisory
X-Rite MA-T6 Remote Code Execution Vulnerability (CVE-2023-49899)
2 TTPs 1 CVEAn unauthenticated remote attacker can exploit CVE-2023-49899 in X-Rite MA-T6 devices (versions prior to v2.33) to achieve arbitrary command execution by bypassing origin verification, leading to full compromise of the device.
MA-T6
vulnerability
RCE
ICS
OT
critical
2t
1c