CVE-2023-6448

KEV
Published: Dic 05, 2023 Last Modified: Feb 26, 2026
ExploitDB:
Other exploit source:
Google Dorks:
CRITICAL 9,8
Source: 9119a7d8-5eab-497f-8521-727c672e3725
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,1329
Percentile
0,9th
Updated

EPSS Score Trend (Last 90 Days)

798

Use of Hard-coded Credentials

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control Integrity Confidentiality Availability Other
Potential Impacts:
Bypass Protection Mechanism Read Application Data Gain Privileges Or Assume Identity Execute Unauthorized Code Or Commands Other
Applicable Platforms
Technologies: ICS/OT, Mobile
Likelihood of Exploit: High
View CWE Details
1188

Initialization of a Resource with an Insecure Default

Incomplete
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Other
Potential Impacts:
Varies By Context
Applicable Platforms
All platforms may be affected
View CWE Details
Operating System

Samba 3.5 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Samba 3.5 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:samba_3.5_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Visilogic by Unitronics

Product Information
Vendor Unitronics
Product Visilogic
Version Range Affected
To 9.9.00 (exclusive)
cpe:2.3:a:unitronics:visilogic:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Samba 7 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Samba 7 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:samba_7_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision560 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision560 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision560_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision570 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision570 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision570_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision230 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision230 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision230_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Samba 4.3 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Samba 4.3 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:samba_4.3_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision350 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision350 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision350_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision1040 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision1040 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision1040_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision130 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision130 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision130_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision700 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision700 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision700_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision1210 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision1210 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision1210_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision430 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision430 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision430_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision530 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision530 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision530_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision280 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision280 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision280_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision290 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision290 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision290_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Vision120 Firmware by Unitronics

Product Information
Vendor Unitronics
Product Vision120 Firmware
Version Range Affected
To 12.38 (exclusive)
cpe:2.3:o:unitronics:vision120_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalo…
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023…
https://downloads.unitronicsplc.com/Sites/plc/Technical_Lib…
https://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybe…
https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Ver…
https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Version_Changes-Bug_Rep…
https://www.cisa.gov/news-events/alerts/2023/11/28/exploita…
https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs…
https://www.unitronicsplc.com/cyber_security_vision-samba/
https://www.unitronicsplc.com/cyber_security_vision-samba/
https://downloads.unitronicsplc.com/Sites/plc/Technical_Lib…
https://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybe…
https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Ver…
https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Version_Changes-Bug_Rep…
https://www.cisa.gov/news-events/alerts/2023/11/28/exploita…
https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs…
https://www.unitronicsplc.com/cyber_security_vision-samba/
https://www.unitronicsplc.com/cyber_security_vision-samba/