Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-51438

A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.

Published

2024-01-09T10:15:21.077

Last Modified

2024-11-21T08:38:07.097

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 10.0 (CRITICAL)

Weaknesses

Type: Secondary
CWE-20
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	microchip	maxview_storage_manager	< 4.14.00.26068	Yes
Hardware	siemens	simatic_ipc1047e	-	No
Hardware	siemens	simatic_ipc647e	-	No
Hardware	siemens	simatic_ipc847e	-	No

References

https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf Vendor Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)