Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveVulDBCVE-2023-5459
HistoryOct 09, 2023 - 7:15 p.m.

CVE-2023-5459

2023-10-0919:15:10
CWE-404
VulDB
web.nvd.nist.gov
27
cve-2023-5459
delta electronics
dvp32es2
plc
critical vulnerability
password transmission handler
denial of service
vdb-241582
nvd

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

46.1%

JSON

A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 and classified as critical. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. VDB-241582 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected configurations

Nvd
Vulners
Node
deltawwdvp32es200r_firmwareMatch1.48
AND
deltawwdvp32es200rMatch-
Node
deltawwdvp32es200t_firmwareMatch1.48
AND
deltawwdvp32es200tMatch-
Node
deltawwdvp32es211t_firmwareMatch1.48
AND
deltawwdvp32es211tMatch-
Node
deltawwdvp32es200rc_firmwareMatch1.48
AND
deltawwdvp32es200rcMatch-
Node
deltawwdvp32es200tc_firmwareMatch1.48
AND
deltawwdvp32es200tcMatch-
Node
deltawwdvp32es200re_firmwareMatch1.48
AND
deltawwdvp32es200reMatch-
Node
deltawwdvp32es200te_firmwareMatch1.48
AND
deltawwdvp32es200teMatch-
VendorProductVersionCPE
deltawwdvp32es200r_firmware1.48cpe:2.3:o:deltaww:dvp32es200r_firmware:1.48:*:*:*:*:*:*:*
deltawwdvp32es200r-cpe:2.3:h:deltaww:dvp32es200r:-:*:*:*:*:*:*:*
deltawwdvp32es200t_firmware1.48cpe:2.3:o:deltaww:dvp32es200t_firmware:1.48:*:*:*:*:*:*:*
deltawwdvp32es200t-cpe:2.3:h:deltaww:dvp32es200t:-:*:*:*:*:*:*:*
deltawwdvp32es211t_firmware1.48cpe:2.3:o:deltaww:dvp32es211t_firmware:1.48:*:*:*:*:*:*:*
deltawwdvp32es211t-cpe:2.3:h:deltaww:dvp32es211t:-:*:*:*:*:*:*:*
deltawwdvp32es200rc_firmware1.48cpe:2.3:o:deltaww:dvp32es200rc_firmware:1.48:*:*:*:*:*:*:*
deltawwdvp32es200rc-cpe:2.3:h:deltaww:dvp32es200rc:-:*:*:*:*:*:*:*
deltawwdvp32es200tc_firmware1.48cpe:2.3:o:deltaww:dvp32es200tc_firmware:1.48:*:*:*:*:*:*:*
deltawwdvp32es200tc-cpe:2.3:h:deltaww:dvp32es200tc:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 141

CNA Affected

[
  {
    "vendor": "Delta Electronics",
    "product": "DVP32ES2 PLC",
    "versions": [
      {
        "version": "1.48",
        "status": "affected"
      }
    ],
    "modules": [
      "Password Transmission Handler"
    ]
  }
]

Related

vulnrichment 1
prion 1
cvelist 1
nvd 1
vulnrichment
vulnrichment
CVE-2023-5459 Delta Electronics DVP32ES2 PLC Password Transmission denial of service
2023-10-09 19:00:06
prion
prion
Design/Logic Flaw
2023-10-09 19:15:00
cvelist
cvelist
CVE-2023-5459 Delta Electronics DVP32ES2 PLC Password Transmission denial of service
2023-10-09 19:00:06
nvd
nvd
CVE-2023-5459
2023-10-09 19:15:10

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

46.1%

JSON
Related for CVE-2023-5459
vulnrichment1prion1cvelist1nvd1