CVE-2023-28713

HIGH 8.1

CVSS Score

8.1

EPSS Score

0.0%

EPSS Percentile

0th

Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. Because account information of the database is saved in a local file in plaintext, a user who can access the PC where the affected product is installed can obtain the information. As a result, information in the database may be obtained and/or altered by the user.

Vendor	contec co., ltd.
Product	conprosys hmi system (chs)
Published	Jun 1, 2023
Last Updated	Jan 9, 2025

Stay Ahead of the Next One

Get instant alerts for contec co., ltd. conprosys hmi system (chs)

Be the first to know when new high vulnerabilities affecting contec co., ltd. conprosys hmi system (chs) are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Contec Co., Ltd. / CONPROSYS HMI System (CHS)

versions prior to 3.5.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

contec.com: https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230531_en.pdf contec.com: https://www.contec.com/jp/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230531_jp.pdf jvn.jp: https://jvn.jp/en/vu/JVNVU93372935/