CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-23588

A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC647D (All versions), SIMATIC IPC647E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC847D (All versions), SIMATIC IPC847E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows). The Adaptec Maxview application on affected devices is using a non-unique TLS certificate across installations to protect the communication from the local browser to the local application. A local attacker may use this key to decrypt intercepted local traffic between the browser and the application and could perform a man-in-the-middle attack in order to modify data in transit.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.9%

CVSS Severity

CVSS v3 Score 6.2

References

Products affected by CVE-2023-23588

Microchip » Maxview Storage Manager » Version: N/A

cpe:2.3:a:microchip:maxview_storage_manager:-
Siemens » Simatic Ipc1047 » Version: N/A

cpe:2.3:h:siemens:simatic_ipc1047:-
Siemens » Simatic Ipc1047e » Version: N/A

cpe:2.3:h:siemens:simatic_ipc1047e:-
Siemens » Simatic Ipc647d » Version: N/A

cpe:2.3:h:siemens:simatic_ipc647d:-
Siemens » Simatic Ipc647e » Version: N/A

cpe:2.3:h:siemens:simatic_ipc647e:-
Siemens » Simatic Ipc847d » Version: N/A

cpe:2.3:h:siemens:simatic_ipc847d:-
Siemens » Simatic Ipc847e » Version: N/A

cpe:2.3:h:siemens:simatic_ipc847e:-
Siemens » Simatic Ipc1047 Firmware » Version: Any

cpe:2.3:o:siemens:simatic_ipc1047_firmware:*
Siemens » Simatic Ipc647d Firmware » Version: 19.01.07

cpe:2.3:o:siemens:simatic_ipc647d_firmware:19.01.07
Siemens » Simatic Ipc647d Firmware » Version: 19.01.10

cpe:2.3:o:siemens:simatic_ipc647d_firmware:19.01.10
Siemens » Simatic Ipc647d Firmware » Version: 19.01.14

cpe:2.3:o:siemens:simatic_ipc647d_firmware:19.01.14
Siemens » Simatic Ipc847d Firmware » Version: 19.01.07

cpe:2.3:o:siemens:simatic_ipc847d_firmware:19.01.07
Siemens » Simatic Ipc847d Firmware » Version: 19.01.10

cpe:2.3:o:siemens:simatic_ipc847d_firmware:19.01.10
Siemens » Simatic Ipc847d Firmware » Version: 19.01.14

cpe:2.3:o:siemens:simatic_ipc847d_firmware:19.01.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-23588

Products

Pricing

Contact Us