GCVE - cpe:2.3:h:loytec:lvis-3me12-a1:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:loytec:lvis-3me12-a1:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Loytec (`6190caa2-852a-5dba-b6c8-40e7b31c6b3d`)
Product	Lvis 3Me12 A1 (`c8ad0d35-1ba5-515e-a62d-99b472b53ff2`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-46382`	not_vulnerable	2026-06-03 14:53:10.000949	Details available LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) use cleartext HTTP for login. Published: 2023-11-04T00:00:00.000Z Updated: 2025-11-04T19:25:37.303Z Open on db.gcve.eu Reference links https://seclists.org/fulldisclosure/2023/Nov/0 http://packetstormsecurity.com/files/175646/LOYTEC-Electronics-Insecure-Transit-Insecure-Permissions-Unauthenticated-Access.html https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks/ https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46381`	not_vulnerable	2026-06-03 14:53:10.000532	Details available LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI. An unauthenticated attacker can edit any project (or create a new project) and control its GUI. Published: 2023-11-04T00:00:00.000Z Updated: 2025-11-04T19:25:36.230Z Open on db.gcve.eu Reference links https://seclists.org/fulldisclosure/2023/Nov/0 http://packetstormsecurity.com/files/175646/LOYTEC-Electronics-Insecure-Transit-Insecure-Permissions-Unauthenticated-Access.html https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks/ https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46380`	not_vulnerable	2026-06-03 14:53:09.999074	Details available LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) send password-change requests via cleartext HTTP. Published: 2023-11-04T00:00:00.000Z Updated: 2025-11-04T19:25:35.144Z Open on db.gcve.eu Reference links https://seclists.org/fulldisclosure/2023/Nov/0 http://packetstormsecurity.com/files/175646/LOYTEC-Electronics-Insecure-Transit-Insecure-Permissions-Unauthenticated-Access.html https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks/ https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46380`	vulnerable	2026-06-03 14:53:09.997164	Details available LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) send password-change requests via cleartext HTTP. Published: 2023-11-04T00:00:00.000Z Updated: 2025-11-04T19:25:35.144Z Open on db.gcve.eu Reference links https://seclists.org/fulldisclosure/2023/Nov/0 http://packetstormsecurity.com/files/175646/LOYTEC-Electronics-Insecure-Transit-Insecure-Permissions-Unauthenticated-Access.html https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks/ https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.