PT-2023-21222 · Contec · Contec Conprosys Hmi System
Published
2023-05-31
·
Updated
2023-06-07
·
CVE-2023-2758
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Contec CONPROSYS HMI System versions 3.5.2 and prior
Description
A denial of service issue exists due to a time-zone mismatch in certain configuration files. This allows a remote, unauthenticated attacker to deny logins for an extended period.
Recommendations
For Contec CONPROSYS HMI System versions 3.5.2 and prior, update the configuration files to resolve the time-zone mismatch issue to prevent denial of service attacks.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Contec Conprosys Hmi System