Unrated severityNVD Advisory· Published May 22, 2023· Updated Jan 16, 2025

CVE-2023-2586

Description

Teltonika’s Remote Management System versions 4.14.0 is vulnerable to an unauthorized attacker registering previously unregistered devices through the RMS platform. If the user has not disabled the "RMS management feature" enabled by default, then an attacker could register that device to themselves. This could enable the attacker to perform different operations on the user's devices, including remote code execution with 'root' privileges (using the 'Task Manager' feature on RMS).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Teltonika/Remote Management Systemllm-fuzzy2 versions
= 4.14.0+ 1 more
- (no CPE)range: = 4.14.0
- (no CPE)range: 0

Patches

Vulnerability mechanics

References

www.cisa.gov/news-events/ics-advisories/icsa-23-131-08mitregovernment-resource

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000