PT-2023-4558 · Moxa · Iologik 4000 Series

Published

2023-08-24

Updated

2023-08-29

CVE-2023-4229

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions ioLogik 4000 Series (ioLogik E4200) versions v1.6 and prior

Description A vulnerability has been identified that may allow attackers to trick users into interacting with malicious content, leading to unintended actions or unauthorized data disclosures. The issue is related to incorrect restriction of visualized layers in the user interface of the ioLogik programmable logic controller's web server, which could allow a remote attacker to impact the integrity of protected information.

Recommendations For ioLogik 4000 Series (ioLogik E4200) versions v1.6 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Clickjacking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1021

Related Identifiers

BDU:2023-04964

CVE-2023-4229

Affected Products

Iologik 4000 Series

PT-2023-4558 · Moxa · Iologik 4000 Series

CVE-2023-4229

Weakness Enumeration

Related Identifiers

Affected Products

References · 5