Lucene search

9119a7d8-5eab-497f-8521-727c672e3725NVD:CVE-2023-6448

HistoryDec 05, 2023 - 6:15 p.m.

CVE-2023-6448

2023-12-0518:15:12

CWE-798

CWE-1188

9119a7d8-5eab-497f-8521-727c672e3725

web.nvd.nist.gov

unitronics

visilogic

default password

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.039

Percentile

92.1%

JSON

Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.

Affected configurations

Nvd

Node

unitronicsvision1210_firmwareRange<12.38

AND

unitronicsvision1210Match-

Node

unitronicsvision1040_firmwareRange<12.38

AND

unitronicsvision1040Match-

Node

unitronicsvision700_firmwareRange<12.38

AND

unitronicsvision700Match-

Node

unitronicsvision570_firmwareRange<12.38

AND

unitronicsvision570Match-

Node

unitronicsvision560_firmwareRange<12.38

AND

unitronicsvision560Match-

Node

unitronicsvision430_firmwareRange<12.38

AND

unitronicsvision430Match-

Node

unitronicsvision350_firmwareRange<12.38

AND

unitronicsvision350Match-

Node

unitronicsvision130_firmwareRange<12.38

AND

unitronicsvision130Match-

Node

unitronicsvision230_firmwareRange<12.38

AND

unitronicsvision230Match-

Node

unitronicsvision280_firmwareRange<12.38

AND

unitronicsvision280Match-

Node

unitronicsvision290_firmwareRange<12.38

AND

unitronicsvision290Match-

Node

unitronicsvision530_firmwareRange<12.38

AND

unitronicsvision530Match-

Node

unitronicsvision120_firmwareRange<12.38

AND

unitronicsvision120Match-

Node

unitronicsvisilogicRange<9.9.00

Node

unitronicssamba_3.5_firmwareRange<12.38

AND

unitronicssamba_3.5Match-

Node

unitronicssamba_4.3_firmwareRange<12.38

AND

unitronicssamba_4.3Match-

Node

unitronicssamba_7_firmwareRange<12.38

AND

unitronicssamba_7Match-

VendorProductVersionCPE
unitronicsvision1210_firmware*cpe:2.3:o:unitronics:vision1210_firmware:*:*:*:*:*:*:*:*
unitronicsvision1210-cpe:2.3:h:unitronics:vision1210:-:*:*:*:*:*:*:*
unitronicsvision1040_firmware*cpe:2.3:o:unitronics:vision1040_firmware:*:*:*:*:*:*:*:*
unitronicsvision1040-cpe:2.3:h:unitronics:vision1040:-:*:*:*:*:*:*:*
unitronicsvision700_firmware*cpe:2.3:o:unitronics:vision700_firmware:*:*:*:*:*:*:*:*
unitronicsvision700-cpe:2.3:h:unitronics:vision700:-:*:*:*:*:*:*:*
unitronicsvision570_firmware*cpe:2.3:o:unitronics:vision570_firmware:*:*:*:*:*:*:*:*
unitronicsvision570-cpe:2.3:h:unitronics:vision570:-:*:*:*:*:*:*:*
unitronicsvision560_firmware*cpe:2.3:o:unitronics:vision560_firmware:*:*:*:*:*:*:*:*
unitronicsvision560-cpe:2.3:h:unitronics:vision560:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
unitronics	vision1210_firmware	*	cpe:2.3:o:unitronics:vision1210_firmware::::::::
unitronics	vision1210	-	cpe:2.3:h:unitronics:vision1210:-:::::::*
unitronics	vision1040_firmware	*	cpe:2.3:o:unitronics:vision1040_firmware::::::::
unitronics	vision1040	-	cpe:2.3:h:unitronics:vision1040:-:::::::*
unitronics	vision700_firmware	*	cpe:2.3:o:unitronics:vision700_firmware::::::::
unitronics	vision700	-	cpe:2.3:h:unitronics:vision700:-:::::::*
unitronics	vision570_firmware	*	cpe:2.3:o:unitronics:vision570_firmware::::::::
unitronics	vision570	-	cpe:2.3:h:unitronics:vision570:-:::::::*
unitronics	vision560_firmware	*	cpe:2.3:o:unitronics:vision560_firmware::::::::
unitronics	vision560	-	cpe:2.3:h:unitronics:vision560:-:::::::*