CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2023-6448

CVSS 9.8v3.1pub. 2023-12-05upd. 2026-02-26

Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.

🤖 AI Analysis
How it works

The vulnerability results from the use of a hardcoded default administrator password in VisiLogic software (CWE-798, CWE-1188). Since this password is identical across all installations and changing it is not enforced, an attacker can log in to the device over the network without any authentication by providing the known default credentials. The access control mechanism is effectively inactive, which classifies the vulnerability as a complete Authentication Bypass.

Impact

Attackers gain full administrative control over the device — they can modify PLC control logic, change industrial process parameters, disable devices, or install malicious configurations, posing a serious threat to the continuity of industrial infrastructure (OT/ICS) operations.

Mitigation & patch

VisiLogic software must be updated to version 9.9.00 or newer. Additionally, the default administrator password must be immediately changed to a strong and unique one. It is also recommended to restrict network access to Unitronics devices through OT network segmentation and use VPN for remote access. Detailed guidance is provided in the manufacturer's security guide and CISA alert.

Who is affected

Unitronics VisiLogic before version 9.9.00 used in PLC controllers and HMI panels from the Vision series (including Vision1210, Vision1040, Vision700) and Samba

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Unitronics Samba 3.5

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Samba 3.5 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Samba 4.3

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Samba 4.3 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Samba 7

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Samba 7 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Visilogic

    APP
    Unitronics
    < 9.9.00
  • Unitronics Vision1040

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision1040 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision120

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision120 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision1210

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision1210 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision130

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision130 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision230

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision230 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision280

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision280 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision290

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision290 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision350

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision350 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision430

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision430 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision530

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision530 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision560

    HW
    Unitronics
    wszystkie wersje
  • Unitronics Vision560 Firmware

    OS
    Unitronics
    < 12.38
  • Unitronics Vision570

    HW
    Unitronics
    wszystkie wersje

CISA KEV — detailsi

Vendori
Unitronics
Producti
Vision PLC and HMI
Added to KEVi
December 11, 2023
Remediation deadline (US Federal)i
December 18, 2023(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 18 grudnia 2023
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2023-2003CRITICAL9.1ten sam produkt

Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4.3, which cou...

CVE-2024-38435MEDIUM6.5ten sam produkt

Unitronics Vision PLC – CWE-703: Improper Check or Handling of Exceptional Conditions may allow denial of serv...

CVE-2024-27768CRITICAL9.8PL ✓ten sam vendor

Path Traversal w Unitronics Unilogic umożliwiający RCE

CVE-2024-27767CRITICAL10.0PL ✓ten sam vendor

Pominięcie uwierzytelnienia w Unitronics Unilogic (Authentication Bypass)

CVE-2016-4519CRITICAL9.8ten sam vendor

Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute ...