![]() A CVSS v3 base score of 7.7 has been calculated the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).ģ.2.2 Use of Hard-coded Credentials CWE-798 An attacker with access to the internal procedures could view source code, secret credentials, and more.ĬVE-2023-6221 has been assigned to this vulnerability. The cloud provider MachineSense uses for integration and deployment for multiple MachineSense devices, such as the programmable logic controller (PLC), PumpSense, PowerAnalyzer, FeverWarn, and others is insufficiently protected against unauthorized access. The following components of the FeverWarn ecosystem, an IoT-based skin temperature scanning system, are affected:ģ.2.1 Missing Authentication for Critical Function CWE-306 Successful exploitation of these vulnerabilities could allow an attacker to obtain user data from devices, execute remote code on devices, or gain control over devices to perform malicious actions. ![]() ![]() Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Credentials, Improper Access Control, OS Command Injection, Improper Restriction of Operations within the Bounds of a Memory Buffer ATTENTION: Exploitable remotely/low attack complexity
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |