Vulnerabilities > CVE-2023-51438 - Unspecified vulnerability in Microchip Maxview Storage Manager 4.09.00.25611

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

microchip

critical

NVD

Published: 2024-01-09

Updated: 2024-01-16

Summary

A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.

Vulnerable Configurations

Part	Description	Count
Application	Microchip Microchip Maxview Storage Manager - Microchip Maxview Storage Manager 4.09.00.25611	2
Hardware	Siemens Siemens Simatic Ipc1047E - Siemens Simatic Ipc647E - Siemens Simatic Ipc847E -	3

References

https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf