Skip to main content

Xbc Dn32U Firmware

7 CVEs product

Monthly

CVE-2023-22807 CRITICAL Act Now

LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-22806 HIGH This Week

LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in cleartext when communicating over its XGT protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xbc Dn32U Firmware
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-22805 MEDIUM This Month

LS ELECTRIC XBC-DN32U with operating system version 01.80 has improper access control to its read prohibition feature. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-22804 CRITICAL Act Now

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-22803 HIGH This Week

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform critical functions to the PLC. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-0103 HIGH This Week

If an attacker were to access memory locations of LS ELECTRIC XBC-DN32U with operating system version 01.80 that are outside of the communication buffer, the device stops operating. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xbc Dn32U Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-0102 CRITICAL Act Now

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its deletion command. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
CVSS 3.1
9.1
EPSS
0.7%
EPSS 1% CVSS 9.8
CRITICAL Act Now

LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
EPSS 0% CVSS 7.5
HIGH This Week

LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in cleartext when communicating over its XGT protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xbc Dn32U Firmware
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

LS ELECTRIC XBC-DN32U with operating system version 01.80 has improper access control to its read prohibition feature. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform critical functions to the PLC. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

If an attacker were to access memory locations of LS ELECTRIC XBC-DN32U with operating system version 01.80 that are outside of the communication buffer, the device stops operating. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xbc Dn32U Firmware
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its deletion command. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy