LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. This could allow an attacker to create and use an account with elevated privileges and take control of the device.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-02 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2023-02-15T17:25:56.279Z
Updated: 2024-08-02T10:20:31.334Z
Reserved: 2023-01-06T18:49:55.855Z
Link: CVE-2023-22804
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-15T18:15:11.827
Modified: 2024-11-21T07:45:27.147
Link: CVE-2023-22804
Redhat
No data.