PatchSiren

PatchSiren cyber security CVE debrief

CVE-2023-46382 LOYTEC electronics GmbH CVE debrief

LOYTEC Electronics LINX Series devices transmit authentication credentials in cleartext HTTP, exposing sensitive information to network eavesdropping. The vulnerability affects multiple product lines including LINX-212, LVIS-3ME12-A1, and LIOB-586 with specific firmware versions 6.2.4, 6.2.2, and 6.2.3 respectively. CISA published this advisory on September 3, 2024. The CVSS 3.1 score of 7.5 reflects high confidentiality impact with network accessibility and low attack complexity. No known exploitation in ransomware campaigns has been reported.

Vendor: LOYTEC electronics GmbH
Product: LINX-151
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-09-03
Original CVE updated: 2024-09-03
Advisory published: 2024-09-03
Advisory updated: 2024-09-03

Who should care

Organizations operating LOYTEC LINX series building automation and industrial control devices, particularly in facilities management, smart building deployments, and critical infrastructure environments where credential compromise could enable unauthorized system access. Security teams responsible for OT/ICS network security and network administrators managing segmented industrial control networks should prioritize assessment.

Technical summary

Affected LOYTEC electronics GmbH devices transmit login credentials over unencrypted HTTP connections. The vulnerability exists in LINX-212 firmware 6.2.4, LVIS-3ME12-A1 firmware 6.2.2, and LIOB-586 firmware 6.2.3. An attacker positioned on the network path can intercept the authentication traffic without holding any credentials and without user interaction. The CVSS 3.1 score of 7.5 (HIGH) reflects a confidentiality impact reachable through passive network monitoring. Vendor remediation is a firmware update to version 8.2.8 together with disabling the HTTP service, per LOYTEC's security hardening guidance.

Defensive priority

HIGH

Recommended defensive actions

  • Update affected LOYTEC devices to firmware version 8.2.8 per vendor recommendation.
  • Disable HTTP on affected LOYTEC devices and enforce HTTPS-only access as recommended in LOYTEC's security hardening guide.
  • Implement network segmentation to isolate affected ICS devices from untrusted networks.
  • Monitor network traffic for unencrypted HTTP authentication sessions to affected device models.
  • Review and apply CISA ICS recommended practices for defense-in-depth strategies.
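The monitoring action above can be implemented as a passive check over reconstructed HTTP requests. The following is an added example written for this debrief; it is not code from the advisory, from CISA or from LOYTEC. It assumes a sensor on the OT segment hands over one record per request (source, destination, whether the session was TLS, and the raw request text), and it uses constructed placeholder device addresses and sample traffic. It flags two cleartext credential patterns, HTTP Basic authorization headers and form-encoded login POSTs with a password-like field, only for destinations in the device inventory and only when the session was not encrypted. Passwords are deliberately never copied into the findings.

```python
import base64
import re
from urllib.parse import parse_qs

# Hypothetical inventory of hosts known to be affected LOYTEC devices
# (constructed placeholder addresses, not values from the advisory).
AFFECTED_DEVICES = {"10.10.5.21", "10.10.5.22"}

# Form field names that usually carry the secret half of a login.
SECRET_FIELD = re.compile(r"^(pass(word|wd)?|pwd|secret|pin)$", re.I)


def parse_http_request(raw):
    """Split a raw HTTP/1.x request into (method, target, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers, body


def find_cleartext_credentials(records, devices=AFFECTED_DEVICES):
    """Return one finding per plaintext HTTP request that carries a credential
    to an inventoried device. Passwords are never copied into findings."""
    findings = []
    for rec in records:
        # Only unencrypted HTTP to the devices we care about is in scope.
        if rec["dst"] not in devices or rec.get("tls", False):
            continue
        method, target, headers, body = parse_http_request(rec["request"])
        base = {"src": rec["src"], "dst": rec["dst"], "method": method, "target": target}

        auth = headers.get("authorization", "")
        if auth.lower().startswith("basic "):
            # Decode only to recover the username; the password is discarded.
            try:
                user, _, _pw = base64.b64decode(auth[6:]).decode().partition(":")
            except (ValueError, UnicodeDecodeError):
                user = "<undecodable>"
            findings.append({**base, "kind": "basic-auth", "user": user})
            continue

        ctype = headers.get("content-type", "")
        if method == "POST" and ctype.startswith("application/x-www-form-urlencoded"):
            fields = parse_qs(body, keep_blank_values=True)
            secret_fields = sorted(f for f in fields if SECRET_FIELD.match(f))
            if secret_fields:
                findings.append({**base, "kind": "form-login", "fields": secret_fields})
    return findings


# Constructed sample traffic, as a passive sensor on the OT segment might reconstruct it.
SAMPLE_RECORDS = [
    {"src": "10.10.9.40", "dst": "10.10.5.21", "tls": False,
     "request": "GET /status HTTP/1.1\r\nHost: 10.10.5.21\r\n\r\n"},
    {"src": "10.10.9.40", "dst": "10.10.5.21", "tls": False,
     "request": ("GET /config HTTP/1.1\r\nHost: 10.10.5.21\r\n"
                 "Authorization: Basic " + base64.b64encode(b"admin:secret").decode()
                 + "\r\n\r\n")},
    {"src": "10.10.9.41", "dst": "10.10.5.22", "tls": False,
     "request": ("POST /login HTTP/1.1\r\nHost: 10.10.5.22\r\n"
                 "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
                 "username=operator&password=secret")},
    {"src": "10.10.9.41", "dst": "10.10.7.9", "tls": False,
     "request": ("POST /login HTTP/1.1\r\nHost: 10.10.7.9\r\n"
                 "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
                 "password=secret")},  # not an inventoried device: ignored
    {"src": "10.10.9.41", "dst": "10.10.5.22", "tls": True,
     "request": ("POST /login HTTP/1.1\r\nHost: 10.10.5.22\r\n"
                 "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
                 "username=operator&password=secret")},  # over TLS: not cleartext
]

if __name__ == "__main__":
    for finding in find_cleartext_credentials(SAMPLE_RECORDS):
        print(finding)
```

Run against the sample records, the check reports the Basic-auth request and the form login to the two inventoried devices and ignores the non-device host and the TLS session. After the HTTPS-only hardening is applied, any new finding from this check is itself evidence that HTTP is still reachable on a device and should be treated as a configuration regression.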

Evidence notes

The vulnerability description is sourced from CISA's CSAF advisory ICSA-24-247-01, which identifies the specific firmware versions affected: LINX-212 firmware 6.2.4, LVIS-3ME12-A1 firmware 6.2.2, and LIOB-586 firmware 6.2.3. The advisory was published on 2024-09-03 as its initial revision. The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N confirms a network-reachable attack with no privileges required.

Official resources

CISA published advisory ICSA-24-247-01 on September 3, 2024, disclosing this vulnerability affecting LOYTEC electronics GmbH industrial control system devices.