CVE-2023-46664

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Oct 26, 2023
Updated: Nov 7, 2023
CWE ID 284

Summary

CVE-2023-46664 is a vulnerability affecting Sielco PolyEco1000, where access controls are bypassed due to the application's direct access to objects based on user-supplied input. This issue allows attackers to bypass authorization and gain unauthorized access to resources behind protected pages. The vulnerability can potentially lead to data theft, unintended modifications, or other unintended consequences if exploited successfully. It is crucial for users to apply the available patch or workaround to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share