Main Vulnerability Database Vulnerabilities #VU74171

Insufficiently protected credentials in KVMS Pro - CVE-2023-1518

Published: March 29, 2023

Vulnerability identifier: #VU74171

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-1518

CWE-ID: CWE-522

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
KVMS Pro

Software vendor:
CP Plus

Description

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to insufficiently protected credentials. A local user can gain access to sensitive credentials and control the entire CCTV system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-02

Insufficiently protected credentials in KVMS Pro - CVE-2023-1518

Description

Remediation

External links

Please verify you're human