PT-2023-17403 · Unknown · Vision1210
Carlos Antonini Cepeda · Published 2023-07-13 · Updated 2026-01-08
CVE-2023-2003
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Vision1210 version 4.3 build 5
Description
The issue allows a remote attacker to store base64-encoded malicious code in the device's data tables via the PCOM protocol. This malicious code can then be retrieved by a client and executed on the device.
Recommendations
For Vision1210 version 4.3 build 5, consider restricting access to the PCOM protocol to minimize the risk of exploitation until a patch is available. As a temporary workaround, disabling the execution of code retrieved from the device's data tables can help mitigate the issue.
Fix
RCE
Affected Products
Vision1210