Lucene search

K
cve[email protected]CVE-2023-5459
HistoryOct 09, 2023 - 7:15 p.m.

CVE-2023-5459

2023-10-0919:15:10
CWE-404
web.nvd.nist.gov
24
cve-2023-5459
delta electronics
dvp32es2
plc
critical vulnerability
password transmission handler
denial of service
vdb-241582
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

6.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

30.3%

A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 and classified as critical. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. VDB-241582 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected configurations

Vulners
NVD
Node
delta_electronicsispsoftMatch1.48
VendorProductVersionCPE
delta_electronicsispsoft1.48cpe:2.3:o:delta_electronics:ispsoft:1.48:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Delta Electronics",
    "product": "DVP32ES2 PLC",
    "versions": [
      {
        "version": "1.48",
        "status": "affected"
      }
    ],
    "modules": [
      "Password Transmission Handler"
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

6.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

30.3%

Related for CVE-2023-5459