{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T10:28:55.267","vulnerabilities":[{"cve":{"id":"CVE-2023-1617","sourceIdentifier":"cybersecurity@ch.abb.com","published":"2023-04-14T12:15:07.377","lastModified":"2024-11-21T07:39:33.027","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Authentication vulnerability in B&R Industrial Automation B&R VC4 (VNC-Server modules).  This vulnerability may allow an unauthenticated network-based attacker to bypass the authentication mechanism of the VC4 visualization on affected devices. The impact of this vulnerability depends on the functionality provided in the visualization.\nThis issue affects B&R VC4: from 3.* through 3.96.7, from 4.0* through 4.06.7, from 4.1* through 4.16.3, from 4.2* through 4.26.8, from 4.3* through 4.34.6, from 4.4* through 4.45.1, from 4.5* through 4.45.3, from 4.7* through 4.72.9.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@ch.abb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"cybersecurity@ch.abb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*","versionEndExcluding":"3.96.8","matchCriteriaId":"C94CCB17-792C-4B9E-9EB2-5AC0888CF3DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndIncluding":"4.06.4","matchCriteriaId":"96C5BD56-2064-4219-970C-8AEDA8F85D20"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10.0","versionEndIncluding":"4.16.3","matchCriteriaId":"EF05318D-11E2-40D4-9556-8A83D0B6ABEB"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20.0","versionEndIncluding":"4.26.8","matchCriteriaId":"115D84EC-19BD-4CAD-9BAD-6FE9A56E14A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*","versionStartIncluding":"4.30.0","versionEndExcluding":"4.34.7","matchCriteriaId":"B28066C3-3BF0-4D87-B847-7DA3F126E39F"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*","versionStartIncluding":"4.40.0","versionEndIncluding":"4.45.1","matchCriteriaId":"7C048F8F-7D8F-4CC3-91F9-631A3F96A533"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*","versionStartIncluding":"4.50.0","versionEndIncluding":"4.53.0","matchCriteriaId":"A56A6BDA-4BC1-4D06-98F2-8CE089F07E3D"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*","versionStartIncluding":"4.70.0","versionEndExcluding":"4.73.0","matchCriteriaId":"2E56F00F-57F9-407E-92A4-E03CDD074522"}]}]}],"references":[{"url":"https://www.br-automation.com/downloads_br_productcatalogue/assets/1681046878970-en-original-1.0.pdf","source":"cybersecurity@ch.abb.com","tags":["Vendor Advisory"]},{"url":"https://www.br-automation.com/downloads_br_productcatalogue/assets/1681046878970-en-original-1.0.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}