Design/Logic Flaw

2023-10-2621:15:00

PRIOn knowledge base

www.prio-n.com

sielco polyeco1000

access control

vulnerability

unauthorized access

resources

9.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Sielco PolyEco1000 is vulnerable to an improper access control vulnerability when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages.

References

www.cisa.gov/news-events/ics-advisories/icsa-23-299-07