GCVE - cpe:2.3:h:unitronics:vision1210:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:unitronics:vision1210:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Unitronics (`b6c508dd-1f14-5f28-864b-acb40186eec2`)
Product	Vision1210 (`ba29c79a-d85f-5988-83a7-7c3e0e71128d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-6448`	not_vulnerable	2026-06-03 14:53:51.894781	Unitronics VisiLogic uses a default administrative password CRITICAL (9.8) Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system. Published: 2023-12-05T17:43:40.451Z Updated: 2025-10-21T23:05:30.290Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems https://www.unitronicsplc.com/cyber_security_vision-samba/ https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Version_Changes-Bug_Reports/VisiLogic%209.9.00%20Version%20changes.pdf https://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybersecurity-Advisory-2023-001-CVE-2023-6448.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-2003`	not_vulnerable	2026-06-03 14:51:41.924359	Embedded malicious code vulnerability in Unitronics Vision1210 CRITICAL (9.1) Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4.3, which could allow a remote attacker to store base64-encoded malicious code in the device's data tables via the PCOM protocol, which can then be retrieved by a client and executed on the device. Published: 2023-07-13T11:25:03.096Z Updated: 2024-10-30T16:04:09.807Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso-sci/embedded-malicious-code-vulnerability-unitronics-vision1210 https://www.hackplayers.com/2023/07/vulnerabilidad-vision1210-unitronics.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-2003`	vulnerable	2026-06-03 14:51:41.919883	Embedded malicious code vulnerability in Unitronics Vision1210 CRITICAL (9.1) Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4.3, which could allow a remote attacker to store base64-encoded malicious code in the device's data tables via the PCOM protocol, which can then be retrieved by a client and executed on the device. Published: 2023-07-13T11:25:03.096Z Updated: 2024-10-30T16:04:09.807Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso-sci/embedded-malicious-code-vulnerability-unitronics-vision1210 https://www.hackplayers.com/2023/07/vulnerabilidad-vision1210-unitronics.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.