CVE-2023-46661

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 26, 2023
Updated: Nov 6, 2023
CWE ID 284

Summary

CVE-2023-46661 is a newly disclosed vulnerability affecting Sielco PolyEco1000. An attacker can exploit this issue by manipulating passwords in POST requests, allowing them to escalate their privileges unauthorizedly. This weakness could potentially enable unauthenticated users to gain administrative access, posing a significant security risk. The vulnerability requires no prior authentication or user interaction and can be exploited remotely. Sielco is advised to apply the necessary patches or updates as soon as possible to mitigate the threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share