PT-2023-18441 · Unknown · Conprosys Hmi System
Published
2023-01-20
·
Updated
2023-01-26
·
CVE-2023-22339
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
CONPROSYS HMI System (CHS) versions 3.4.5 and earlier
Description
The issue allows a remote unauthenticated attacker to bypass access restrictions and obtain the server certificate, including the private key of the product, due to an improper access control vulnerability.
Recommendations
For versions 3.4.5 and earlier, update to a version later than 3.4.5 to resolve the issue.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Conprosys Hmi System