Uc 500e Firmware

uc_500e_firmware

Vendor: Efacec • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-50706 1Efacec 1Uc 500e Firmware Nov 21, 2024 Dec 20, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A user without administrator permissions with access to the UC500 windows system could perform a memory dump of the running processes and extract clear credentials or valid session tokens.
CVE-2023-50705 1Efacec 1Uc 500e Firmware Nov 21, 2024 Dec 20, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 An attacker could create malicious requests to obtain sensitive information about the web server.
CVE-2023-50704 1Efacec 1Uc 500e Firmware Nov 21, 2024 Dec 20, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 An attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application users.
CVE-2023-50703 1Efacec 1Uc 500e Firmware Nov 21, 2024 Dec 20, 2023 N/A· v4 5.9 MEDIUM· v3 N/A· v2 An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application.