CVE-2023-43492 Information

Oct 20, 2023 cve

Description

In Weintek’s cMT3000 HMI Web CGI device the cgi-bin codesys.cgi contains a stack-based buffer overflow which could allow an anonymous attacker to hijack control flow and bypass login authentication.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12 https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf

Share on: