PatchSiren cyber security CVE debrief
CVE-2023-46385 LOYTEC electronics GmbH CVE debrief
CVE-2023-46385 is a HIGH severity vulnerability (CVSS 7.5) affecting LOYTEC electronics GmbH LINX Configurator 7.4.10 and multiple LOYTEC device models. Published on September 3, 2024, this vulnerability involves insecure permissions where administrative credentials are transmitted as unencrypted URL parameters, enabling remote attackers to capture passwords and gain full control over device configuration. The vulnerability affects seven products including LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, and L-INX Configurator. LOYTEC has released version 8.2.8 to address this issue and recommends disabling HTTP on affected devices as an interim mitigation per their security hardening guidance.
- Vendor: LOYTEC electronics GmbH
- Product: LINX-151
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-09-03
- Original CVE updated: 2024-09-03
- Advisory published: 2024-09-03
- Advisory updated: 2024-09-03
Who should care
Organizations operating LOYTEC building automation and industrial control systems, particularly facilities management teams, OT security engineers, and critical infrastructure operators using affected LINX, LVIS, and LIOB product lines.
Technical summary
The LINX Configurator 7.4.10 transmits administrative credentials as plaintext URL parameters without encryption. Because the credentials ride in the URL rather than in an encrypted request body, network-based attackers can recover them from browser history, proxy logs, Referer headers, or direct observation of the URL on the wire. Successful credential theft grants attackers full administrative control over LOYTEC device configurations. The vulnerability is network-exploitable with low attack complexity and no required privileges or user interaction.
Defensive priority
HIGH
Recommended defensive actions
- Update LOYTEC LINX Configurator and affected devices to version 8.2.8 or later
- Disable HTTP on affected LOYTEC devices per vendor security hardening guidance
- Implement network segmentation to restrict access to LOYTEC device management interfaces
- Monitor for unauthorized configuration changes on affected devices
- Review access logs for suspicious URL parameter patterns indicating credential exposure
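One way to carry out the last action above, as an added example that is not vendor or advisory code: scan web server or proxy access logs for requests whose query string, or whose Referer header, carries credential-looking parameter names. The page does not give the parameter names the LINX Configurator actually uses, so the name set and the log lines below are constructed assumptions; the script reports parameter names only and never echoes the captured values.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumed credential-style parameter names; the real names used by the
# LINX Configurator are not documented on this page.
CREDENTIAL_PARAMS = {"password", "passwd", "pwd", "pass", "user", "username", "login"}

# Apache/nginx "combined" log format:
# ip - user [time] "METHOD target HTTP/x" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)

# Constructed sample: one login request with credentials in the query string,
# one later request whose Referer leaks the same URL, and one clean request.
SAMPLE_LOG = """\
10.0.5.20 - - [03/Sep/2024:10:15:02 +0000] "GET /login.cgi?user=admin&password=hunter2 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.5.21 - - [03/Sep/2024:10:15:09 +0000] "GET /config/status HTTP/1.1" 200 2048 "http://10.0.5.1/login.cgi?user=admin&password=hunter2" "Mozilla/5.0"
10.0.5.22 - - [03/Sep/2024:10:16:44 +0000] "GET /config/status?page=2 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""


def credential_params(url):
    """Return the sorted names of query parameters in `url` that look like credentials.
    Works for both request targets ("/path?x=y") and full Referer URLs."""
    query = urlsplit(url).query
    names = {k.lower() for k, _ in parse_qsl(query, keep_blank_values=True)}
    return sorted(names & CREDENTIAL_PARAMS)


def scan_access_log(lines):
    """Return one finding per log line field (target or referer) that carries
    credential-looking query parameters. Values are deliberately not recorded."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format; skip rather than guess
        for field in ("target", "referer"):
            hits = credential_params(m.group(field))
            if hits:
                findings.append({"ip": m.group("ip"), "time": m.group("time"),
                                 "field": field, "params": hits,
                                 "status": int(m.group("status"))})
    return findings


if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_LOG.splitlines()):
        print(f"{f['time']} {f['ip']} {f['field']}: {','.join(f['params'])} (HTTP {f['status']})")
```

A hit in the `referer` field means the credential-bearing URL was also sent to a third party, so both the original login request and any downstream page that received the Referer should be treated as exposure.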
Evidence notes
CVE published 2024-09-03. CISA ICS advisory ICSA-24-247-01 issued same date. Vendor remediation available in version 8.2.8.
Official resources
- CVE-2023-46385 CVE record (CVE.org)
- CVE-2023-46385 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-09-03