CVE-2016-4501

Published: May 31, 2016Modified: May 6, 2026

9.1

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors.

Affected (1)

Products: Envirosys: Esc 8832 Data Controller

Envirosys

1 product

Esc 8832 Data Controller

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Envirosys Esc 8832 Data Controller	Up to 3.02

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://ics-cert.us-cert.gov/advisories/ICSA-16-147-01

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://ics-cert.us-cert.gov/advisories/ICSA-16-147-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.