CVE-2023-28713
CVSS 3.1 Score 8.1 of 10 (high)
Details
Published Jun 1, 2023
Updated: Jan 9, 2025
CWE ID 312
Summary
CVE-2023-28713 is a vulnerability affecting the CONPROSYS HMI System (CHS) versions prior to 3.5.3. This issue arises due to the plaintext storage of passwords in a local file. A user with access to the affected product's installation PC can exploit this vulnerability and obtain sensitive information, including database credentials. The potential consequences of this vulnerability are significant, as an attacker could not only view the data but also alter it.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Contec