What is CVE-2023-43777?

CVE-2023-43777 is a vulnerability in the Eaton easySoft software that allows unauthorized access to project files due to insecure password storage.

What is the severity of CVE-2023-43777?

CVE-2023-43777 has a severity rating of medium with a value of 6.5.

How can I fix CVE-2023-43777?

To fix CVE-2023-43777, it is recommended to apply the security update provided by Eaton and follow their instructions.

Where can I find more information about CVE-2023-43777?

You can find more information about CVE-2023-43777 in the security bulletin published by Eaton at the following link: [https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2023-1011.pdf](https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2023-1011.pdf)

Vulnerability/
CVE-2023-43777

medium

6.5

CWE

256 522

17/10/2023

13/9/2024

CVE-2023-43777: Insecure storage of password in easySoft

Q: How does the Eaton easySoft software work?

The Eaton easySoft software is used to program easy controllers and displays for configuring, programming, and defining parameters for intelligent relays.

First published: Tue Oct 17 2023(Updated: )

Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored insecurely and could be retrieved by skilled adversaries.

Credit: CybersecurityCOE@eaton.com CybersecurityCOE@eaton.com

Affected Software	Affected Version	How to fix
Eaton EASYsoft	<8.01

Never miss a vulnerability like this again

Reference Links

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2023-1011.pdf

Frequently Asked Questions

What is CVE-2023-43777?
CVE-2023-43777 is a vulnerability in the Eaton easySoft software that allows unauthorized access to project files due to insecure password storage.
How does the Eaton easySoft software work?
The Eaton easySoft software is used to program easy controllers and displays for configuring, programming, and defining parameters for intelligent relays.
What is the severity of CVE-2023-43777?
CVE-2023-43777 has a severity rating of medium with a value of 6.5.
How can I fix CVE-2023-43777?
To fix CVE-2023-43777, it is recommended to apply the security update provided by Eaton and follow their instructions.
Where can I find more information about CVE-2023-43777?
You can find more information about CVE-2023-43777 in the security bulletin published by Eaton at the following link: [https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2023-1011.pdf](https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2023-1011.pdf)

collector/nvd-index
collector/nvd-api
agent/type
agent/weakness
agent/author
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/title
agent/first-publish-date
agent/severity
agent/tags
agent/description
agent/event
vendor/eaton
canonical/eaton easysoft

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.