virus logo FortiClient Vulnerability

Security Vulnerabilities fixed in CONPROSYS HMI System ICSA-22-347-03

description-logoDescription

In CONPROSYS HMI System Ver.3.4.5 and prior: user credential information could be altered by a remote unauthenticated attacker or be obtained via a machine-in-the-middle attack, an arbitrary script could be executed on the web browser of the administrative user logging into the product, and a remote unauthenticated attacker could obtain the server certificate, including the private key of the product.

affected-products-logoAffected Applications

CONPROSYS HMI System

Telemetry logoTelemetry

CVE References

CVE-2023-22331 CVE-2023-22334 CVE-2023-22339 CVE-2023-22373

Other References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-347-03
ID 4739
Created Jan 28, 2023
Description
Updated		 Nov 07, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Contec
Patch manual
Application CONPROSYS HMI System