CVE-2023-6374

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 30, 2024

Updated: Feb 6, 2024

CWE ID 294

Summary

CVE-2023-6374 is a newly discovered vulnerability affecting Mitsubishi Electric Corporation's MELSEC WS Series WS0-GETH00200 modules. This issue permits unauthenticated attackers to carry out a capture-replay attack, enabling them to bypass authentication and unlawfully access the modules. Once logged in, the attacker can potentially disclose sensitive information or manipulate programs and parameters within the affected devices.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tmsVIK
https://www.cve.org/CVERecord?id=CVE-2023-6374
https://nvd.nist.gov/vuln/detail/CVE-2023-6374

Back to Vulnerability Database

CVE-2023-6374

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations