What is CVE-2023-39452?

CVE-2023-39452 is a high-severity vulnerability in Socomec Modulys Gp (Mod3gp-sy-120k), classified under Plaintext Storage of a Password. CVSS score: 7.5/10. Published 2023-09-18.

How severe is CVE-2023-39452?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Socomec Modulys Gp (Mod3gp-sy-120k)

CVE-2023-39452

The web application that owns the device clearly stores the credentials within the user management section. Obtaining this information can be done remotely due to the incorrect management of the sessions in the web applicati…

EPSS: 0.001 (24.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Socomec Modulys Gp (Mod3gp-sy-120k) — versions v01.12.10

Weakness classification (CWE)

CWE-256 — Plaintext Storage of a Password

References

www.cisa.gov/news-events/ics-advisories/icsa-23-250-03

Frequently asked questions

What is CVE-2023-39452?: CVE-2023-39452 is a high-severity vulnerability in Socomec Modulys Gp (Mod3gp-sy-120k), classified under Plaintext Storage of a Password. CVSS score: 7.5/10. Published 2023-09-18.
How severe is CVE-2023-39452?: High severity. CVSS v3 base score is 7.5 out of 10.