U
nitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
|
Configuration 15 (hide)
| AND |
|
Configuration 16 (hide)
| AND |
|
Configuration 17 (hide)
| AND |
|
History
25 Feb 2026, 18:20
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (en) Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system. |
03 Nov 2025, 18:55
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-6448 - US Government Resource |
21 Oct 2025, 23:16
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
21 Oct 2025, 20:19
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
21 Oct 2025, 19:20
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
21 Nov 2024, 08:43
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybersecurity-Advisory-2023-001-CVE-2023-6448.pdf - Vendor Advisory | |
| References | () https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Version_Changes-Bug_Reports/VisiLogic%209.9.00%20Version%20changes.pdf - Release Notes | |
| References | () https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems - Third Party Advisory, US Government Resource | |
| References | () https://www.unitronicsplc.com/cyber_security_vision-samba/ - Product |
26 Jun 2024, 19:59
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:unitronics:vision290_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision430_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision1210_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision1040_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision700_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision530_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision570_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision560_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision230_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision120_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision280_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision350_firmware:-:*:*:*:*:*:*:* |
cpe:2.3:o:unitronics:samba_7_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision280_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision1210_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:unitronics:samba_3.5:-:*:*:*:*:*:*:* cpe:2.3:h:unitronics:samba_7:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision350_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision570_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision120_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision130_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:samba_4.3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision290_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:unitronics:samba_4.3:-:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision700_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision560_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:unitronics:visilogic:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision430_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision1040_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision530_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:samba_3.5_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:unitronics:vision230_firmware:*:*:*:*:*:*:*:* |
| References | () https://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybersecurity-Advisory-2023-001-CVE-2023-6448.pdf - Vendor Advisory | |
| References | () https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Version_Changes-Bug_Reports/VisiLogic%209.9.00%20Version%20changes.pdf - Release Notes | |
| References | () https://www.unitronicsplc.com/cyber_security_vision-samba/ - Product | |
| First Time |
Unitronics visilogic
Unitronics samba 7 Firmware Unitronics samba 3.5 Unitronics samba 4.3 Firmware Unitronics samba 7 Unitronics samba 3.5 Firmware Unitronics samba 4.3 |
Information
Published : 2023-12-05 18:15
Updated : 2026-02-26 15:04
NVD link : CVE-2023-6448
Mitre link : CVE-2023-6448
CVE.ORG link : CVE-2023-6448
JSON object : View
Products Affected
- vision350
- vision1040
- samba_3.5
- samba_4.3
- vision1040_firmware
- vision280
- vision350_firmware
- samba_7
- vision560
- vision1210
- vision290
- samba_4.3_firmware
- vision120_firmware
- vision1210_firmware
- vision130
- vision530_firmware
- vision700
- samba_7_firmware
- vision130_firmware
- vision560_firmware
- vision280_firmware
- vision530
- vision430_firmware
- vision570
- vision230
- samba_3.5_firmware
- visilogic
- vision430
- vision230_firmware
- vision290_firmware
- vision700_firmware
- vision120
- vision570_firmware