CVE-2023-36669 Information

Description

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit (TPU) within the IDU by sending crafted TCP requests to the IDU.

Reference

https://kratosdefense.com https://www.kratosdefense.com/vulnerability-advisories/cve-2023-36669