Conprosys Hmi System Security Vulnerabilities and Issues — Conprosys Hmi System CVE List

Lucene search

ContecConprosys Hmi System

4 matches found

CVE•added 2023/01/20 3:15 a.m.•77 views

CVE-2023-22339

Improper access control vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated attacker to bypass access restriction and obtain the server certificate including the private key of the product.

7.5CVSS7.5AI score0.00287EPSS

CVE•added 2023/01/20 3:15 a.m.•45 views

CVE-2023-22331

Use of default credentials vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information.

7.5CVSS7.5AI score0.01158EPSS

CVE•added 2023/06/01 2:15 a.m.•35 views

CVE-2023-29154

SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQL command via specially crafted input to the query setting page.

7.2CVSS7.4AI score0.11041EPSS

CVE•added 2023/06/01 2:15 a.m.•29 views

CVE-2023-28399

Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Access Control List) is not appropriately set to the local folder where the affected product is installed, therefore a wide range of privileges is permitted to a user of the PC w...

7.8CVSS7.5AI score0.00051EPSS