CVE-2023-6448: Unitronics VisiLogic uses a default administrative password
First published: Tue Dec 05 2023(Updated: )
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.
Credit: 9119a7d8-5eab-497f-8521-727c672e3725 9119a7d8-5eab-497f-8521-727c672e3725
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Unitronics Vision PLC | ||
| All of | ||
| Unitronics Vision1210 | <12.38 | |
| Unitronics VisiLogic OPLC IDE | ||
| All of | ||
| Unitronics Vision1040 Firmware | <12.38 | |
| Unitronics Vision1040 Firmware | ||
| All of | ||
| Unitronics Vision700 Firmware | <12.38 | |
| Unitronics Vision700 Firmware | ||
| All of | ||
| Unitronics Vision570 Firmware | <12.38 | |
| Unitronics Vision570 Firmware | ||
| All of | ||
| Unitronics Vision560 Firmware | <12.38 | |
| Unitronics Vision560 Firmware | ||
| All of | ||
| Unitronics Vision430 | <12.38 | |
| Unitronics Vision430 Firmware | ||
| All of | ||
| Unitronics Vision350 Firmware | <12.38 | |
| Unitronics Vision350 Firmware | ||
| All of | ||
| Unitronics Vision130 Firmware | <12.38 | |
| Unitronics Vision130 Firmware | ||
| All of | ||
| Unitronics Vision Series PLCs | <12.38 | |
| Unitronics Vision230 Firmware | ||
| All of | ||
| Unitronics Vision280 | <12.38 | |
| Unitronics Vision280 | ||
| All of | ||
| Unitronics Vision290 Firmware | <12.38 | |
| Unitronics Vision290 Firmware | ||
| All of | ||
| Unitronics Vision 530 Firmware | <12.38 | |
| Unitronics Vision 530 Firmware | ||
| All of | ||
| Unitronics Vision120 Firmware | <12.38 | |
| Unitronics Vision120 Firmware | ||
| Unitronics VisiLogic OPLC IDE | <9.9.00 | |
| All of | ||
| Unitronics Samba | <12.38 | |
| Unitronics Samba 3.5 Firmware | ||
| All of | ||
| Unitronics Samba 4.3 | <12.38 | |
| Unitronics Samba | ||
| All of | ||
| Unitronics Samba | <12.38 | |
| Unitronics Samba 7 firmware |
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybersecurity-Advisory-2023-001-CVE-2023-6448.pdf
- https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Version_Changes-Bug_Reports/VisiLogic%209.9.00%20Version%20changes.pdf
- https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems
- https://www.unitronicsplc.com/cyber_security_vision-samba/
- https://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybersecurity-Advisory-2023-001-CVE-2023-6448.pdf;
- https://nvd.nist.gov/vuln/detail/CVE-2023-6448
Frequently Asked Questions
What is the severity of CVE-2023-6448?
CVE-2023-6448 is a high severity vulnerability due to the use of a default administrative password that allows unauthorized access to systems.
How do I fix CVE-2023-6448?
To fix CVE-2023-6448, update VisiLogic to version 9.9.00 or later and ensure that default passwords are changed immediately.
Which products are affected by CVE-2023-6448?
CVE-2023-6448 affects various Unitronics Vision and Samba PLCs and HMIs prior to VisiLogic version 9.9.00.
Can CVE-2023-6448 be exploited remotely?
Yes, CVE-2023-6448 can be exploited remotely by an unauthenticated attacker with network access.
What is the impact of CVE-2023-6448 on vulnerable systems?
The impact of CVE-2023-6448 includes potential full administrative control of affected systems by unauthorized users.
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/severity
- agent/remedy
- agent/description
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/title
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/source
- agent/last-modified-date
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-cve
- source/NVD
- collector/nvd-api
- vendor/unitronics
- canonical/unitronics vision plc
- canonical/unitronics vision1210
- canonical/unitronics visilogic oplc ide
- canonical/unitronics vision1040 firmware
- canonical/unitronics vision700 firmware
- canonical/unitronics vision570 firmware
- canonical/unitronics vision560 firmware
- canonical/unitronics vision430
- canonical/unitronics vision430 firmware
- canonical/unitronics vision350 firmware
- canonical/unitronics vision130 firmware
- canonical/unitronics vision series plcs
- canonical/unitronics vision230 firmware
- canonical/unitronics vision280
- canonical/unitronics vision290 firmware
- canonical/unitronics vision 530 firmware
- canonical/unitronics vision120 firmware
- canonical/unitronics samba 3.5 firmware
- canonical/unitronics samba 4.3
- canonical/unitronics samba
- canonical/unitronics samba 7 firmware