Vulnerabilities > CVE-2023-2758 - Unspecified vulnerability in Contec Conprosys HMI System

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

contec

NVD

Published: 2023-05-31

Updated: 2023-06-07

Summary

A denial of service vulnerability exists in Contec CONPROSYS HMI System versions 3.5.2 and prior. When there is a time-zone mismatch in certain configuration files, a remote, unauthenticated attacker may deny logins for an extended period of time.

Vulnerable Configurations

Part	Description	Count
Application	Contec Contec Conprosys HMI System 3.3.0 Contec Conprosys HMI System 3.4.3 Contec Conprosys HMI System 3.4.4 Contec Conprosys HMI System 3.4.5	4

References

https://jvn.jp/en/vu/JVNVU93372935/index.html
https://www.tenable.com/security/research/tra-2023-21