CVE-2023-28399
https://notcve.org/view.php?id=CVE-2023-28399
Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Access Control List) is not appropriately set to the local folder where the affected product is installed, therefore a wide range of privileges is permitted to a user of the PC where the affected product is installed. As a result, the user may be able to destroy the system and/or execute a malicious program. • https://jvn.jp/en/vu/JVNVU93372935 https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230531_en.pdf https://www.contec.com/jp/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230531_jp.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2023-2758 – Contec CONPROSYS HMI System (CHS) v3.5.2 Denial of Service
https://notcve.org/view.php?id=CVE-2023-2758
A denial of service vulnerability exists in Contec CONPROSYS HMI System versions 3.5.2 and prior. When there is a time-zone mismatch in certain configuration files, a remote, unauthenticated attacker may deny logins for an extended period of time. • https://jvn.jp/en/vu/JVNVU93372935/index.html https://www.tenable.com/security/research/tra-2023-21 • CWE-799: Improper Control of Interaction Frequency •
CVE-2023-22324
https://notcve.org/view.php?id=CVE-2023-22324
SQL injection vulnerability in the CONPROSYS HMI System (CHS) Ver.3.5.0 and earlier allows a remote authenticated attacker to execute an arbitrary SQL command. As a result, information stored in the database may be obtained. Vulnerabilidad de inyección SQL en CONPROSYS HMI System (CHS) Ver.3.5.0 y anteriores permite que un atacante remoto autenticado ejecute un comando SQL arbitrario. Como resultado, se puede obtener información almacenada en la base de datos. • https://jvn.jp/en/vu/JVNVU97195023 https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230124_en.pdf https://www.contec.com/download/contract/contract4/?itemid=ea8039aa-3434-4999-9ab6-897aa690210c&downloaditemid=866d7d3c-aae9-438d-87f3-17aa040df90b • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-22373
https://notcve.org/view.php?id=CVE-2023-22373
Cross-site scripting vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information. Vulnerabilidad de cross-site scripting en CONPROSYS HMI System (CHS) Ver.3.4.5 y anteriores permite a un atacante remoto autenticado inyectar un script arbitrario y obtener información confidencial. • https://jvn.jp/en/vu/JVNVU96873821 https://www.cisa.gov/uscert/ics/advisories/icsa-22-347-03 https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230110_en.pdf https://www.contec.com/download/contract/contract4/?itemid=ea8039aa-3434-4999-9ab6-897aa690210c&downloaditemid=866d7d3c-aae9-438d-87f3-17aa040df90b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-22334
https://notcve.org/view.php?id=CVE-2023-22334
Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack. El uso de hash de contraseña en lugar de contraseña para la vulnerabilidad de autenticación en CONPROSYS HMI System (CHS) Ver.3.4.5 y anteriores permite a un atacante autenticado remoto obtener información de credenciales de usuario a través de un ataque de intermediario. • https://jvn.jp/en/vu/JVNVU96873821 https://www.cisa.gov/uscert/ics/advisories/icsa-22-347-03 https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230110_en.pdf https://www.contec.com/download/contract/contract4/?itemid=ea8039aa-3434-4999-9ab6-897aa690210c&downloaditemid=866d7d3c-aae9-438d-87f3-17aa040df90b • CWE-287: Improper Authentication •