What is the severity of CVE-2023-2003?

CVE-2023-2003 has been classified with a high severity level due to its potential impact on device integrity and security.

How do I fix CVE-2023-2003?

To fix CVE-2023-2003, update the Vision1210 firmware to the latest version provided by Unitronics that mitigates this vulnerability.

Who is affected by CVE-2023-2003?

CVE-2023-2003 affects users of the Unitronics Vision1210 operating system version 4.3, build 5.

What are the risks associated with CVE-2023-2003?

The main risk associated with CVE-2023-2003 is that remote attackers may execute arbitrary malicious code on the affected device.

Is CVE-2023-2003 publicly known?

Yes, CVE-2023-2003 has been publicly disclosed and is recognized as a vulnerability in the cybersecurity community.

Vulnerability/
CVE-2023-2003

critical

9.8

CWE

506

13/7/2023

30/10/2024

CVE-2023-2003: Embedded malicious code vulnerability in Unitronics Vision1210

First published: Thu Jul 13 2023(Updated: )

Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4.3, which could allow a remote attacker to store base64-encoded malicious code in the device's data tables via the PCOM protocol, which can then be retrieved by a client and executed on the device.

Credit: cve-coordination@incibe.es

Affected Software	Affected Version	How to fix
Unitronics Vision1210 Firmware	=4.3-build_5
Unitronics VisiLogic OPLC IDE

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-2003?
CVE-2023-2003 has been classified with a high severity level due to its potential impact on device integrity and security.
How do I fix CVE-2023-2003?
To fix CVE-2023-2003, update the Vision1210 firmware to the latest version provided by Unitronics that mitigates this vulnerability.
Who is affected by CVE-2023-2003?
CVE-2023-2003 affects users of the Unitronics Vision1210 operating system version 4.3, build 5.
What are the risks associated with CVE-2023-2003?
The main risk associated with CVE-2023-2003 is that remote attackers may execute arbitrary malicious code on the affected device.
Is CVE-2023-2003 publicly known?
Yes, CVE-2023-2003 has been publicly disclosed and is recognized as a vulnerability in the cybersecurity community.

collector/nvd-latest
agent/references
agent/type
agent/weakness
agent/description
agent/severity
agent/title
agent/first-publish-date
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-api
agent/author
vendor/unitronicsplc
canonical/unitronics vision1210 firmware
version/unitronics vision1210 firmware/4.3-build_5
canonical/unitronics visilogic oplc ide

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.