Отправить #202313: Supcon's InPlant SCADA product has an engineering file password bypass vulnerabilityИнформация

НазваниеSupcon's InPlant SCADA product has an engineering file password bypass vulnerability
ОписаниеSupcon's InPlant SCADA product has an engineering file password bypass vulnerability, which is an industrial control SCADA software produced by China's Supcon company; This software can set passwords when creating project files, but the passwords are stored in MD5 format in the Project.xml and/Users/userini files under the project file directory. By modifying or canceling the password field content in these two configuration files, password restrictions can be bypassed
Источник⚠️ https://drive.google.com/file/d/1V_O95QddCGdZzYGgx7tkMOYQ5i_alv69/view?usp=drive_link
Пользователь
 01dgu0 (UID 53763)
Представление01.09.2023 10:25 (3 лет назад)
Модерация15.09.2023 08:20 (14 days later)
Статуспринято
Запись VulDB239797 [Supcon InPlant SCADA до 20230901 Project.xml слабое шифрование]
Баллы20

Want to know what is going to be exploited?

We predict KEV entries!