Vulnerability Database
299,038
Total vulnerabilities in the database
CVE-2023-6448
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.
| Software | From | Fixed in |
|---|---|---|
| unitronics / vision1210_firmware | - | 12.38 |
| unitronics / vision1040_firmware | - | 12.38 |
| unitronics / vision700_firmware | - | 12.38 |
| unitronics / vision570_firmware | - | 12.38 |
| unitronics / vision560_firmware | - | 12.38 |
| unitronics / vision430_firmware | - | 12.38 |
| unitronics / vision350_firmware | - | 12.38 |
| unitronics / vision130_firmware | - | 12.38 |
| unitronics / vision230_firmware | - | 12.38 |
| unitronics / vision280_firmware | - | 12.38 |
| unitronics / vision290_firmware | - | 12.38 |
| unitronics / vision530_firmware | - | 12.38 |
| unitronics / vision120_firmware | - | 12.38 |
| unitronics / visilogic | - | 9.9.00 |
| unitronics / samba_3.5_firmware | - | 12.38 |
| unitronics / samba_4.3_firmware | - | 12.38 |
| unitronics / samba_7_firmware | - | 12.38 |
- https://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybersecurity-Advisory-2023-001-CVE-2023-6448.pdf
- https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Version_Changes-Bug_Reports/VisiLogic%209.9.00%20Version%20changes.pdf
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-6448
- https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems
- https://www.unitronicsplc.com/cyber_security_vision-samba/
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime