CVE-2023-51438

Summary

CVE-2023-51438 is a newly discovered vulnerability affecting SIMATIC IPC1047E, IPC647E, and IPC847E devices with maxView Storage Manager versions below V4.14.00.26068 installed on Windows. In default configurations where the Redfish® server is enabled for remote system management, an unauthorized access vulnerability has been identified. An attacker can potentially exploit this flaw to gain unauthorized access to the affected systems. The full extent and potential impact of this vulnerability are still being assessed. It is recommended that affected users update their maxView Storage Manager software to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.