CVE-2023-22300 CVE-2023-22300

2023-03-2719:36:02

icscert

www.cve.org

remote attacker

unauthorized actions

log access

privilege escalation

cve-2023-22300

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.1%

JSON

An unauthenticated remote attacker could force all authenticated users, such as administrative users, to perform unauthorized actions by viewing the logs. This action would also grant the attacker privilege escalation.

CNA Affected

[
  {
    "vendor": "SAUTER",
    "product": "EY-AS525F001 with moduWeb",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  }
]

References

www.cisa.gov/news-events/ics-advisories/icsa-23-082-03