CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-45851

The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker without enforcing any server authentication. This issue allows an attacker to force the Android Client application to connect to a malicious MQTT broker, enabling it to send fake messages to the HMI device

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.6%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2023-45851

Boschrexroth » Ctrlx Hmi Web Panel Wr2107 » Version: N/A

cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2107:-
Boschrexroth » Ctrlx Hmi Web Panel Wr2110 » Version: N/A

cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2110:-
Boschrexroth » Ctrlx Hmi Web Panel Wr2115 » Version: N/A

cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2115:-
Boschrexroth » Ctrlx Hmi Web Panel Wr2107 Firmware » Version: Any

cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2107_firmware:*
Boschrexroth » Ctrlx Hmi Web Panel Wr2110 Firmware » Version: Any

cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2110_firmware:*
Boschrexroth » Ctrlx Hmi Web Panel Wr2115 Firmware » Version: Any

cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2115_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-45851

Products

Pricing

Contact Us