Machinesense Feverwarn
6 CVEs affecting Machinesense Feverwarn. Latest disclosed: 2024-02-01. Critical: 2, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-49617 | Critical | 10.0 | 2024-02-01 | The MachineSense application programmable interface (API) is improperly protected and can be accessed without authentication. A remote attacker could retr… |
CVE-2023-46706 | Critical | 9.1 | 2024-02-01 | Multiple MachineSense devices have credentials unable to be changed by the user or administrator. |
CVE-2023-47867 | High | 8.8 | 2024-02-01 | MachineSense FeverWarn devices are configured as Wi-Fi hosts in a way that attackers within range could connect to the device's web services and compr… |
CVE-2023-49610 | High | 8.1 | 2024-02-01 | MachineSense FeverWarn Raspberry Pi-based devices lack input sanitization, which could allow an attacker on an adjacent network to send a message ru… |
CVE-2023-6221 | High | 7.7 | 2024-02-01 | The cloud provider MachineSense uses for integration and deployment for multiple MachineSense devices, such as the programmable logic controller (PLC), PumpSe… |
CVE-2023-49115 | High | 7.5 | 2024-02-01 | MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users. |