Unrated severityNVD Advisory· Published Sep 18, 2023· Updated Sep 24, 2024

Socomec MOD3GP-SY-120K Cross-Site Request Forgery

CVE-2023-39446

Description

Thanks to the weaknesses that the web application has at the user management level, an attacker could obtain the information from the headers that is necessary to create specially designed URLs and originate malicious actions when a legitimate user is logged into the web application.

Affected products

Socomec/Modulys Gp (mod3gp Sy 120k)v5
Range: v01.12.10

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisa.gov/news-events/ics-advisories/icsa-23-250-03mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000