PT-2023-21420 · Unknown · Solarview Compact Sv-Cpt-Mc310
Published
2023-05-23
·
Updated
2025-01-31
·
CVE-2023-27920
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10
SolarView Compact SV-CPT-MC310F versions prior to Ver.8.10
Description
The issue is related to improper access control in the system date/time setting page, allowing a remote authenticated attacker to alter the system date/time of the affected product.
Recommendations
For SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10, update to Ver.8.10 or later to resolve the issue.
For SolarView Compact SV-CPT-MC310F versions prior to Ver.8.10, update to Ver.8.10 or later to resolve the issue.
As a temporary workaround, consider restricting access to the system date/time setting page until a patch is available.
Fix
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Solarview Compact Sv-Cpt-Mc310