CVE-2023-43776

Summary

CVE	CVE-2023-43776
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-10-17 13:15:00 UTC
Updated	2023-10-25 13:38:00 UTC
Description	Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access. It was observed that the device password was stored with a weak encoding algorithm in the easyE4 program file when exported to SD card (*.PRG file ending).

Risk And Classification

Problem Types: CWE-326

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Eaton	Easy-box-e4-ac1	-	All	All	All
Operating System	Eaton	Easy-box-e4-ac1 Firmware	All	All	All	All
Hardware	Eaton	Easy-box-e4-dc1	-	All	All	All
Operating System	Eaton	Easy-box-e4-dc1 Firmware	All	All	All	All
Hardware	Eaton	Easy-box-e4-uc1	-	All	All	All
Operating System	Eaton	Easy-box-e4-uc1 Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-ac-12rc1p	-	All	All	All
Operating System	Eaton	Easy-e4-ac-12rc1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-ac-12rcx1p	-	All	All	All
Operating System	Eaton	Easy-e4-ac-12rcx1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-ac-16re1p	-	All	All	All
Operating System	Eaton	Easy-e4-ac-16re1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-dc-12tc1p	-	All	All	All
Operating System	Eaton	Easy-e4-dc-12tc1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-dc-12tcx1p	-	All	All	All
Operating System	Eaton	Easy-e4-dc-12tcx1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-dc-16te1p	-	All	All	All
Operating System	Eaton	Easy-e4-dc-16te1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-dc-4pe1p	-	All	All	All
Operating System	Eaton	Easy-e4-dc-4pe1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-dc-6ae1p	-	All	All	All
Operating System	Eaton	Easy-e4-dc-6ae1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-dc-8te1p	-	All	All	All
Operating System	Eaton	Easy-e4-dc-8te1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-uc-12rc1p	-	All	All	All
Operating System	Eaton	Easy-e4-uc-12rc1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-uc-12rcx1p	-	All	All	All
Operating System	Eaton	Easy-e4-uc-12rcx1p Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-uc-16re1	-	All	All	All
Hardware	Eaton	Easy-e4-uc-16re1p	-	All	All	All
Operating System	Eaton	Easy-e4-uc-16re1p Firmware	All	All	All	All
Operating System	Eaton	Easy-e4-uc-16re1 Firmware	All	All	All	All
Hardware	Eaton	Easy-e4-uc-8re1p	-	All	All	All
Operating System	Eaton	Easy-e4-uc-8re1p Firmware	All	All	All	All
Hardware	Eaton	Easy E4-ac-8re1p	-	All	All	All
Operating System	Eaton	Easy E4-ac-8re1p Firmware	All	All	All	All
Hardware	Eaton	Xv-102-a035tqrb-1e4	-	All	All	All
Operating System	Eaton	Xv-102-a035tqrb-1e4 Firmware	All	All	All	All
Hardware	Eaton	Xv-102-a3-57tvrb-1e4	-	All	All	All
Operating System	Eaton	Xv-102-a3-57tvrb-1e4 Firmware	All	All	All	All
Hardware	Eaton	Xv100-box-e4-dc1	-	All	All	All
Operating System	Eaton	Xv100-box-e4-dc1 Firmware	All	All	All	All
Hardware	Eaton	Xv100-box-e4-uc1	-	All	All	All
Operating System	Eaton	Xv100-box-e4-uc1 Firmware	All	All	All	All

References

Reference	Source	Link	Tags
www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/securit...	MISC	www.eaton.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.