CVE-2023-27927

CVE Database · CVE-2023-27927

CVE-2023-27927

· MEDIUMModified

CVSS v3.1

6.5

EPSS

0.36%

Published

Mar 27, 2023

Modified

Jan 17, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. The attacker could then perform further attacks using the SMTP credentials.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-319

Affected Products (2)

sauter-controls · ey-as525f001_firmwarevulnerable

sauter-controls · ey-as525f001

References (2)

https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03

Third Party AdvisoryUS Government Resource

https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03

Third Party AdvisoryUS Government Resource

KEV Catalog EPSS Scores Vendors All CVEs