CVE-2023-5915

Name of the Vulnerable Software and Affected Versions STARDOM FCN/FCJ versions R1.01 through R4.31

Description The issue is related to uncontrolled resource consumption in the STARDOM FCN/FCJ programmable logic controllers. This could allow a remote attacker to cause a denial-of-service condition by sending a crafted packet, making the maintenance homepage of the controller inaccessible. As a result, functions such as changing configuration, viewing logs, etc., are not available. However, the controller's operation is not stopped by this condition.

Recommendations For STARDOM FCN/FCJ versions R1.01 through R4.31, consider restricting access to the maintenance homepage until a patch is available to prevent potential denial-of-service conditions. As a temporary workaround, avoid using functions related to the maintenance homepage, such as changing configuration or viewing logs, to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.