Vulnerabilities > CVE-2023-38255 - Unspecified vulnerability in Socomec Modulys GP Firmware 01.12.10

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

socomec

NVD

Published: 2023-09-18

Updated: 2024-11-21

Summary

A potential attacker with or without (cookie theft) access to the device would be able to include malicious code (XSS) when uploading new device configuration that could affect the intended function of the device.

Vulnerable Configurations

Part	Description	Count
OS	Socomec Socomec Modulys GP Firmware 01.12.10	1
Hardware	Socomec Socomec Modulys GP -	1

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03
https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03