Vulnerabilities > CVE-2023-5846 - Use of Password Hash With Insufficient Computational Effort vulnerability in Franklinfueling Ts-550 EVO Firmware 1.8.7.7299

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

franklinfueling

CWE-916

critical

NVD

Published: 2023-11-02

Updated: 2023-11-09

Summary

Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device.

Vulnerable Configurations

Part	Description	Count
OS	Franklinfueling Franklinfueling TS 550 EVO Firmware 1.8.7.7299	1
Hardware	Franklinfueling Franklinfueling TS 550 EVO -	1

Common Weakness Enumeration (CWE)

CWE-916 - Use of Password Hash With Insufficient Computational Effort

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-04