Vulnerabilities > CVE-2023-50706 - Unspecified vulnerability in Efacec UC 500E Firmware 10.1.0

CVSS 4.3 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

low complexity

efacec

NVD

Published: 2023-12-20

Updated: 2023-12-29

Summary

A user without administrator permissions with access to the UC500 windows system could perform a memory dump of the running processes and extract clear credentials or valid session tokens.

Vulnerable Configurations

Part	Description	Count
OS	Efacec Efacec UC 500E Firmware 10.1.0	1
Hardware	Efacec Efacec UC 500E -	1

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-03