ICSA-23-024-01 · Published 2023-01-24 · View on CISA ICS-CERT ↗

XINJE XD

CVSS 7.3 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to write arbitrary project files to a programmable logic controller (PLC) and gain code execution privileges.

CVEs (2)

CVE-2021-34605 CVE-2021-34606

Remediations

Xinje has not responded to requests to provide mitigations for these vulnerabilities. Users of the affected product are encouraged to contact Xinje Technical Support.

Affected Vendors

XINJE

Affected Products (1)

XINJE · XINJE XD Programing Tool <= 3.5.1

Affected Sectors

Critical Manufacturing, Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more