Kratos Security Advisory: CVE-2023-36669

Synopsis

Kratos NGC Indoor Unit (IDU) update for missing authentication

Type/Severity

Security Advisory / High

Description

Missing Authentication for Critical Function within the Kratos NGC Indoor Unit (IDU) allows remote attackers to obtain arbitrary control of the IDU/ODU system.

Solution

The issue is fixed in Version: 11.4.0.0 and newer releases.

Affected Products

Kratos NGC Indoor Unit (IDU) with firmware version 11.3 and below.

Fix

Upgrade to NGC Indoor Unit (IDU) version 11.4.0.0 or newer release.

Credit/Discoverer

Paul Noalhyt, Red Balloon Security

Kratos Security Advisory: CVE-2023-36669

Synopsis

Type/Severity

Description

Solution

Affected Products

Fix

Credit/Discoverer

Systems & Platforms

Products

About Kratos

Investors