LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. This could allow an attacker to create and use an account with elevated privileges and take control of the device.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-02-15T17:25:56.279Z

Updated: 2024-08-02T10:20:31.334Z

Reserved: 2023-01-06T18:49:55.855Z

Link: CVE-2023-22804

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-02-15T18:15:11.827

Modified: 2024-11-21T07:45:27.147

Link: CVE-2023-22804

cve-icon Redhat

No data.