CVE-2023-40724

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Sep 12, 2023

Updated: Sep 14, 2023

CWE ID 316

Summary

CVE-2023-40724 is a newly discovered vulnerability affecting QMS Automotive software versions below V12.39. This issue allows an attacker to gain unauthorized access by exploiting the presence of user credentials in plaintext form in the system memory. By conducting a memory dump, an adversary can obtain these sensitive credentials and utilize them for impersonation purposes. This vulnerability poses a significant risk to security and necessitates immediate remediation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sagbN1
https://www.cve.org/CVERecord?id=CVE-2023-40724
https://nvd.nist.gov/vuln/detail/CVE-2023-40724

Back to Vulnerability Database

CVE-2023-40724

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations