ICSA-22-347-03 · Published 2023-01-19 · View on CISA ICS-CERT ↗

Contec CONPROSYS HMI System (CHS)

CVSS 10.0 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow a remote attacker to send specially crafted requests and cause a loss of sensitive information.

CVEs (5)

CVE-2022-44456 CVE-2023-22331 CVE-2023-22334 CVE-2023-22373 CVE-2023-22339

Remediations

Contec recommends users update to CONPROSYS HMI System (CHS) Ver.3.5.0 or later.

Affected Vendors

Contec

Affected Products (2)

Contec · CONPROSYS HMI System (CHS) <= 3.4.4

Contec · CONPROSYS HMI System (CHS) <= 3.4.5

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more