CVE-2023-22334

Summary

Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack.

Affected Software

VendorProductVersion RangeStatus
Contec Co., Ltd.CONPROSYS HMI System (CHS)Ver.3.4.5 and earlieraffected

Weaknesses

  • Use of password hash instead of password for authentication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References