CVE-2023-46384

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 30, 2023

Updated: Dec 14, 2023

CWE ID 312

Summary

CVE-2023-46384 is a vulnerability affecting LOYTEC electronics GmbH LINX Configurator version 7.4.10. This issue involves insecure permissions, allowing remote attackers to gain unauthorized access. By exploiting this vulnerability, attackers can view cleartext-stored admin credentials and bypass authentication to login to Loytec devices, posing a significant security risk. This can potentially lead to unauthorized control and data breaches of the affected systems. It is recommended that users upgrade to the latest version of the LINX Configurator to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tGpFtq
https://www.cve.org/CVERecord?id=CVE-2023-46384
https://nvd.nist.gov/vuln/detail/CVE-2023-46384

Back to Vulnerability Database

CVE-2023-46384

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations