CVE-2023-0757
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Dec 14, 2023
Updated: Dec 21, 2023
CWE ID 732
Summary
CVE-2023-0757 is a critical vulnerability affecting PHOENIX CONTACT MULTIPROG and PHOENIX CONTACT ProConOS eCLR (SDK). An unauthenticated attacker can exploit this Incorrect Permission Assignment for Critical Resource issue to upload malicious code, resulting in full access to the affected device. This vulnerability poses a significant risk and requires immediate attention from users to apply the available patch or mitigation measures.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share