{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-23T22:07:58.234","vulnerabilities":[{"cve":{"id":"CVE-2023-6221","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2024-02-01T23:15:10.510","lastModified":"2026-06-17T06:50:19.690","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"ics-cert@hq.dhs.gov","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"\nThe cloud provider MachineSense uses for integration and deployment for multiple MachineSense devices, such as the programmable logic controller (PLC), PumpSense, PowerAnalyzer, FeverWarn, and others is insufficiently protected against unauthorized access. An attacker with access to the internal procedures could view source code, secret credentials, and more.\n\n"},{"lang":"es","value":"El proveedor de nube que MachineSense utiliza para la integración y la implementación de múltiples dispositivos MachineSense, como el controlador lógico programable (PLC), PumpSense, PowerAnalyzer, FeverWarn y otros, no está suficientemente protegido contra el acceso no autorizado. Un atacante con acceso a los procedimientos internos podría ver el código fuente, credenciales secretas y más."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"MachineSense","product":"FeverWarn","defaultStatus":"unaffected","versions":[{"version":"ESP32","status":"affected"},{"version":"RaspberryPi","status":"affected"},{"version":"DataHub RaspberryPi","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-08T15:50:13.032598Z","id":"CVE-2023-6221","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:machinesense:feverwarn_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"45F21168-E7F1-49E4-84B0-0B4EB9C6DE50"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:machinesense:feverwarn:-:*:*:*:*:*:*:*","matchCriteriaId":"489AD7C3-7648-4398-BA27-450E909171EC"}]}]}],"references":[{"url":"https://machinesense.com/pages/about-machinesense","source":"ics-cert@hq.dhs.gov","tags":["Product"]},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-025-01","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://machinesense.com/pages/about-machinesense","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-025-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}