CVE-2023-51438

🗓️ 09 Jan 2024 10:00:13Reported by siemensType

A vulnerability has been found in SIMATIC IPC1047E, IPC647E, and IPC847E with maxView Storage Manager < V4.14.00.26068 on Windows, allowing unauthorized access

Reporter	Title	Published	Views	Family All 12
BDU FSTEC	The vulnerability of the Redfish server of the storage manager MaxView on industrial computers SIMATIC IPC647E, SIMATIC IPC847E, and SIMATIC IPC1047E allows a perpetrator to gain unauthorized full access to the device.	10 Jan 202400:00	–	bdu_fstec
Circl	CVE-2023-51438	9 Jan 202411:26	–	circl
CNNVD	Siemens SIMATIC IPC1047E 安全漏洞	9 Jan 202400:00	–	cnnvd
CNVD	maxView Storage Manager Input Validation Error Vulnerability	10 Jan 202400:00	–	cnvd
CVE	CVE-2023-51438	9 Jan 202410:00	–	cve
EUVD	EUVD-2023-56158	3 Oct 202520:07	–	euvd
ICS	Siemens SIMATIC	9 Jan 202400:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	9 Jan 202400:00	–	ncsc
NVD	CVE-2023-51438	9 Jan 202410:15	–	nvd
Prion	Design/Logic Flaw	9 Jan 202410:15	–	prion

[
  {
    "vendor": "Siemens",
    "product": "SIMATIC IPC1047E",
    "versions": [
      {
        "version": "All versions with maxView Storage Manager < V4.14.00.26068 on Windows",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC IPC647E",
    "versions": [
      {
        "version": "All versions with maxView Storage Manager < V4.14.00.26068 on Windows",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC IPC847E",
    "versions": [
      {
        "version": "All versions with maxView Storage Manager < V4.14.00.26068 on Windows",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf

09 Jan 2024 10:00Current

9.4High risk

Vulners AI Score9.4

CVSS 3.110

EPSS0.00646

CWE-20