CVE-2023-4804

Name of the Vulnerable Software and Affected Versions Quantum HD Unity products (affected versions not specified) Quantum HD Unity Compressor (affected versions not specified) Quantum HD Unity AcuAir (affected versions not specified) Quantum HD Unity Engine Room (affected versions not specified) Quantum HD Unity Interface (affected versions not specified)

Description An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed. The vulnerability exists due to the incorrect inclusion of debug mode for certain services. Exploitation of the vulnerability may allow a remote attacker to execute arbitrary commands by accessing the device's debug features. The potentially vulnerable equipment is used worldwide by suppliers in the food industry and critical manufacturing sectors. The issue was discovered by an independent researcher and was fixed in each of the affected control panels.

Recommendations For Quantum HD Unity products, consider disabling the debug features until a patch is available. For Quantum HD Unity Compressor, AcuAir, Engine Room, and Interface, restrict access to the debug mode to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.