Vulnerabilities (CVE)

Filtered by vendor Efacec Subscribe
Filtered by product Bcu 500 Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-6689 1 Efacec 2 Bcu 500, Bcu 500 Firmware 2024-11-21 N/A 8.2 HIGH
A successful CSRF attack could force the user to perform state changing requests on the application. If the victim is an administrative account, a CSRF attack could compromise the entire web application.
CVE-2023-50707 1 Efacec 2 Bcu 500, Bcu 500 Firmware 2024-11-21 N/A 9.6 CRITICAL
Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device.