CVE-​2023-0525

Name of the Vulnerable Software and Affected Versions: GT Designer3 versions (affected versions not specified) GOT2000 Series versions (affected versions not specified) GOT SIMPLE Series versions (affected versions not specified) GT SoftGOT2000 versions (affected versions not specified)

Description: The issue is related to weak password cryptography in the Data Transfer Security function of the software used for creating and managing graphical interfaces on industrial control panels. This could allow a remote attacker to gain unauthorized access to protected information and elevate their privileges.

Recommendations: For GT Designer3, update the software to a version that addresses the weak password cryptography issue. For GOT2000 Series, restrict access to sensitive information until a fix is available. For GOT SIMPLE Series, consider implementing additional security measures to protect against unauthorized access. For GT SoftGOT2000, avoid using weak passwords and consider temporarily disabling remote access until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.