Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CVE-2023-22807
Vulnerability Description
LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
访问控制不恰当
Vulnerability Title
LS ELECTRIC XBC-DN32U 访问控制错误漏洞
Vulnerability Description
LS ELECTRIC XBC-DN32U是韩国LS ELECTRIC公司的一款 PLC 可编程逻辑控制器。 LS ELECTRIC XBC-DN32U 01.80版本存在访问控制错误漏洞,该漏洞源于设备无法通过其内部 XGT 协议正确控制对 PLC 的访问,攻击者利用该漏洞可以通过 XGT 协议向 PLC 发送数据包来控制和篡改 PLC。
CVSS Information
N/A
Vulnerability Type
N/A