Vulnerabilities in Contec Co., Ltd.
25 resultsCVE-2023-22334MEDIUMUse of password hash instead of password for authentication vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remotEPSS 0.9%CVE-2023-28657HIGHImproper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of the PC where the affected prodEPSS 0.7%CVE-2023-28824MEDIUMServer-side request forgery vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected pEPSS 0.6%CVE-2023-28713HIGHPlaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. Because account information of the database isEPSS 0.4%CVE-2023-28399HIGHIncorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Access Control ListEPSS 0.2%