CVE-2023-33283

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jun 7, 2023
Updated: Jan 7, 2025
CWE ID 326

Summary

CVE-2023-33283 is a vulnerability affecting Marval MSM versions up to 14.19.0.12476. This issue allows an attacker to decrypt encrypted secrets by using a static encryption key, putting sensitive information at risk if an unauthorized user gains access. The vulnerability could potentially lead to data breaches and significant privacy concerns. Marval is encouraged to update their software to a patch that addresses this issue and implement stronger encryption methods to secure their users' secrets. Until a patch is applied, it is recommended to limit access to these systems and closely monitor for any suspicious activity.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Modular Switchgear Monitoring

Affected Vendors

  • Hitachi Energy