CVE-2023-34437

CVSS 3.1 Score 7.5 of 10 (high)

Attack Complexity low
Confidentiality high
Integrity none
Availability none
Scope unchanged
Privileges Required none

Details

Published Oct 19, 2023
Updated: Oct 25, 2023
CWE ID 200

Summary

CVE-2023-34437 refers to a vulnerability discovered in the Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05. This issue lies in the password retrieval functionality of the device, enabling unauthorized access for attackers. They can exploit this weakness to retrieve stored passwords, potentially compromising the security of the system. This vulnerability poses a significant risk and requires immediate attention from affected organizations for appropriate mitigation measures.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share