VDE-2023-059 — Vulnetix

VDE-2023-059 PUBLISHED CVSS 8.800000190734863 HIGH

The Builder and Viewer components of the product PASvisu are based on the 3rd-party-component Electron. Electron contains several other open-source components which are affected by vulnerabilities. The vulnerabilities may enable an attacker to gain full control over the system. The vulnerabilities can be exploited locally or over the network.

Risk Scores

CVSS 3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
	PASvisu
	Firmware <=2.0.33992
	PMI v8xx
	Firmware <1.14.1

Exploit Intelligence

https://certvde.com/en/advisories/VDE-2023-059/ (circl)
https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-059.json (circl)
https://www.pilz.com (circl)
https://certvde.com/en/advisories/vendor/pilz/ (circl)
rules.yar (github-yara)

Timeline

Dec 5, 2023 CVE Published
Apr 28, 2025 PoC Published

References

https://certvde.com/en/advisories/VDE-2023-059/ advisory
https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-059.json advisory
https://www.pilz.com url
https://certvde.com/en/advisories/vendor/pilz/ url

Open in Interactive Console →