Unitronics: >> Vision1210 Security Vulnerabilities
CVE-2023-6448
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.
Known exploited
CVSS Score
9.8
EPSS Score
0.133
Published
2023-12-05
Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4.3, which could allow a remote attacker to store base64-encoded malicious code in the device's data tables via the PCOM protocol, which can then be retrieved by a client and executed on the device.
CVSS Score
9.1
EPSS Score
0.003
Published
2023-07-13