CVE-2023-6374

Name of the Vulnerable Software and Affected Versions MELSEC WS Series WS0-GETH00200 all serial numbers

Description The issue is related to an authentication bypass vulnerability in the MELSEC WS Series WS0-GETH00200, allowing a remote unauthenticated attacker to bypass the authentication process by using a capture-replay attack. This could enable the attacker to illegally log in to the affected module and potentially disclose or tamper with programs and parameters in the modules.

Recommendations As a temporary workaround, consider restricting access to the affected module until a patch is available. Restrict access to the vulnerable module to minimize the risk of exploitation. Avoid using the affected module for critical operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.