ГлавнаяУязвимости → CVE-2023-6221
7.7высокая

CVE-2023-6221

→ есть в БДУ: BDU:2024-00909 (на русском)
Описание (на английском; русское — в БДУ выше)

The cloud provider MachineSense uses for integration and deployment for multiple MachineSense devices, such as the programmable logic controller (PLC), PumpSense, PowerAnalyzer, FeverWarn, and others is insufficiently protected against unauthorized access. An attacker with access to the internal procedures could view source code, secret credentials, and more.

Затрагиваемое ПО
Machinesense Feverwarn firmwareMachinesense Feverwarn
CVSS
Балл7.7 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Источники
https://machinesense.com/pages/about-machinesensehttps://www.cisa.gov/news-events/ics-advisories/icsa-24-025-01https://machinesense.com/pages/about-machinesensehttps://www.cisa.gov/news-events/ics-advisories/icsa-24-025-01