How severe is CVE-2023-30757?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2023-30757?

This is classified as CWE-693, which is a common weakness in software security.

CVE-2023-30757 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions). The know-how protection feature in affected products does not properly update the encryption of existing program blocks when a project file is updated. This could allow attackers with access to the project file to recover previous - yet unprotected - versions of the project without the knowledge of the know-how protection password.

Related Vulnerabilities

CVE-2018-20251

MEDIUM

CVSS:5.5(Medium)

In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format. The UNACE module (UNACEV2.dll) creates files and folders as wr...

CWE-6932018

CVE-2020-12954

MEDIUM

CVSS:5.5(Medium)

A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauthorized SPI ROM modification.

CWE-6932020

CVE-2021-26355

MEDIUM

CVSS:5.5(Medium)

Insufficient fencing and checks in System Management Unit (SMU) may result in access to invalid message port registers that could result in a potential denial-of-service.

CWE-6932021

CVE-2022-20464

MEDIUM

CVSS:5.5(Medium)

In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User ex...

CWE-6932022

CVE-2022-42821

MEDIUM

CVSS:5.5(Medium)

A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Big Sur 11.7.2, macOS Ventura 13. An app may bypass Gatekeeper checks.

CWE-6932022

CVE-2023-25080

MEDIUM

CVSS:5.5(Medium)

Protection mechanism failure in some Intel(R) Distribution of OpenVINO toolkit software before version 2023.0.0 may allow an authenticated user to potentially enable information disclosure via local a...

CWE-6932023