Vulnerability Description
A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microchip | Maxview Storage Manager | < 4.14.00.26068 |
| Siemens | Simatic Ipc1047E | - |
| Siemens | Simatic Ipc647E | - |
| Siemens | Simatic Ipc847E | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdfVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdfVendor Advisory
FAQ
What is CVE-2023-51438?
CVE-2023-51438 is a vulnerability with a CVSS score of 10.0 (CRITICAL). A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.2...
How severe is CVE-2023-51438?
CVE-2023-51438 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-51438?
Check the references section above for vendor advisories and patch information. Affected products include: Microchip Maxview Storage Manager, Siemens Simatic Ipc1047E, Siemens Simatic Ipc647E, Siemens Simatic Ipc847E.