Uc 500E Firmware
CVE-2023-50703
MEDIUM
Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application.
AnalysisAI
An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-319. An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application. Affected products include: Efacec Uc 500E Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Uc 500E Firmware
View allAn attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and c
An attacker could create malicious requests to obtain sensitive information about the web server. Rated medium severity
A user without administrator permissions with access to the UC500 windows system could perform a memory dump of the runn
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today