CVE-2023-0757

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 14, 2023
Updated: Dec 21, 2023
CWE ID 732

Summary

CVE-2023-0757 is a critical vulnerability affecting PHOENIX CONTACT MULTIPROG and PHOENIX CONTACT ProConOS eCLR (SDK). An unauthenticated attacker can exploit this Incorrect Permission Assignment for Critical Resource issue to upload malicious code, resulting in full access to the affected device. This vulnerability poses a significant risk and requires immediate attention from users to apply the available patch or mitigation measures.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share