CVE-2023-37858

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Aug 9, 2023

Updated: Dec 14, 2023

CWE ID 311

Summary

CVE-2023-37858 is a vulnerability affecting PHOENIX CONTACT's WP 6xxx series web panels before version 4.0.10. An attacker with administrative privileges can exploit this issue remotely to gain access to hardcoded cryptographic keys. These keys enable decryption of the encrypted login password for the web application, potentially putting sensitive information at risk. This vulnerability underscores the importance of keeping software up-to-date to mitigate security threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r8c2n9
https://www.cve.org/CVERecord?id=CVE-2023-37858
https://nvd.nist.gov/vuln/detail/CVE-2023-37858

Back to Vulnerability Database

CVE-2023-37858

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations