LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. This could allow an attacker to create and use an account with elevated privileges and take control of the device.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-02 |
![]() ![]() |
History
Thu, 16 Jan 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: icscert
Published: 2023-02-15T17:25:56.279Z
Updated: 2025-01-16T21:56:46.846Z
Reserved: 2023-01-06T18:49:55.855Z
Link: CVE-2023-22804

Updated: 2024-08-02T10:20:31.334Z

Status : Modified
Published: 2023-02-15T18:15:11.827
Modified: 2024-11-21T07:45:27.147
Link: CVE-2023-22804

No data.