High severity7.8NVD Advisory· Published Jun 1, 2023· Updated Jun 17, 2026
CVE-2023-28399
CVE-2023-28399
Description
Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Access Control List) is not appropriately set to the local folder where the affected product is installed, therefore a wide range of privileges is permitted to a user of the PC where the affected product is installed. As a result, the user may be able to destroy the system and/or execute a malicious program.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <3.5.3
- Range: versions prior to 3.5.3
Patches
Vulnerability mechanics
References
3- jvn.jp/en/vu/JVNVU93372935/nvdThird Party Advisory
- www.contec.com/api/downloadloggernvdVendor Advisory
- www.contec.com/jp/api/downloadloggernvdVendor Advisory
News mentions
0No linked articles in our index yet.