Vulnerabilities > CVE-2023-22807 - Unspecified vulnerability in Ls-Electric Xbc-Dn32U Firmware 01.80

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
ls-electric
critical

Summary

LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol.

Vulnerable Configurations

Part Description Count
OS
Ls-Electric
1
Hardware
Ls-Electric
1