CVE-2023-38028
CVSS 3.1 Score 9.1 of 10 (high)
Details
Published Aug 28, 2023
Updated: Aug 29, 2023
CWE ID 306
Summary
CVE-2023-38028 is a vulnerability affecting Saho's attendance devices, the ADM100 and ADM-100FP. This issue involves insufficient authentication, allowing unauthenticated remote attackers to bypass the system's security measures. Once they bypass the authentication, they can access system information and manipulate user data without proper authorization. However, they cannot control the system or cause disruptions.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Saho