Vulnerabilities > Contec > Conprosys HMI System

DATE CVE VULNERABILITY TITLE RISK
2023-01-20 CVE-2023-22339 Unspecified vulnerability in Contec Conprosys HMI System
Improper access control vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated attacker to bypass access restriction and obtain the server certificate including the private key of the product.
network
low complexity
contec
7.5
2023-01-20 CVE-2023-22373 Cross-site Scripting vulnerability in Contec Conprosys HMI System
Cross-site scripting vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information.
network
low complexity
contec CWE-79
5.4