CVE-2023-46661
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Oct 26, 2023
Updated: Nov 6, 2023
CWE ID 284
Summary
CVE-2023-46661 is a newly disclosed vulnerability affecting Sielco PolyEco1000. An attacker can exploit this issue by manipulating passwords in POST requests, allowing them to escalate their privileges unauthorizedly. This weakness could potentially enable unauthenticated users to gain administrative access, posing a significant security risk. The vulnerability requires no prior authentication or user interaction and can be exploited remotely. Sielco is advised to apply the necessary patches or updates as soon as possible to mitigate the threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share