CVE-2023-33373

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 4, 2023

Updated: Aug 8, 2023

CWE ID 312

Summary

CVE-2023-33373 is a vulnerability affecting Connected IO v2.1.0 and earlier versions. This issue permits attackers to gain unauthorized access to passwords and credentials, which are stored in clear-text format. Attackers can potentially exfiltrate these sensitive details, enabling them to impersonate devices and cause unauthorized actions. Organizations using Connected IO are advised to update to the latest version or implement alternative security measures to mitigate this risk. Failure to address this vulnerability may result in significant data breaches and compromised security.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sOPCpr
https://www.cve.org/CVERecord?id=CVE-2023-33373
https://nvd.nist.gov/vuln/detail/CVE-2023-33373

Back to Vulnerability Database

CVE-2023-33373

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations