Ls-electric Xbc-dn32u Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Ls-electric Xbc-dn32u Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-22807 — CVSS 9.8 (critical): LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An…
CVE-2023-22804 — CVSS 9.1 (critical): LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. This could allow an…
CVE-2023-0102 — CVSS 9.1 (critical): LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its deletion command. This could allow an attacker…
CVE-2023-0103 — CVSS 7.5 (high): If an attacker were to access memory locations of LS ELECTRIC XBC-DN32U with operating system version 01.80 that are outside of the…
CVE-2023-22806 — CVSS 7.5 (high): LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in cleartext when communicating over its XGT…
CVE-2023-22803 — CVSS 7.5 (high): LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform critical functions to the PLC. This could…
CVE-2023-22805 — CVSS 6.5 (medium): LS ELECTRIC XBC-DN32U with operating system version 01.80 has improper access control to its read prohibition feature. This could allow a…