CVE-2023-6689 Cross-Site Request Forgery in EFACEC BCU 500

A successful CSRF attack could force the user to perform state changing requests on the application. If the victim is an administrative account, a CSRF attack could compromise the entire web application...

CVE-2023-50707 Uncontrolled Resource Consumption in EFACEC BCU 500

Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device...

EFACEC BCU 500

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : EFACEC Equipment : BCU 500 Vulnerabilities : Uncontrolled Resource Consumption, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

EFACEC BCU 500 Resource Management Error Vulnerability

The EFACEC BCU 500 is a programmable control system from EFACEC Portugal. The EFACEC BCU 500 suffers from a resource management error vulnerability that originates from the fact that by exploiting an active user session, an attacker can send a custom request to cause a denial of service on the...

PT-2023-31613 · Efacec · Bcu 500 +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows an attacker to send custom requests to cause a denial-of-service condition on the device through the exploitation of active user...