Insufficient Protection of Cloud Provider Puts MachineSense Devices at Risk

Insufficient Protection of Cloud Provider Puts MachineSense Devices at Risk

CVE-2023-6221 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The cloud provider MachineSense uses for integration and deployment for multiple MachineSense devices, such as the programmable logic controller (PLC), PumpSense, PowerAnalyzer, FeverWarn, and others is insufficiently protected against unauthorized access. An attacker with access to the internal procedures could view source code, secret credentials, and more.

Learn more about our Cloud Audit.