NVD disclosure day

Published threat advisories for March 27, 2024

CVE-2023-6153

TeoBASE can be bypassed allowing attackers to gain access and control.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

An external attacker can bypass the login screen of TeoSOFT TeoBASE without a password. This allows them to gain complete administrative control of the application, putting sensitive files and user directories at risk of being stolen.

NVD published: March 27, 2024

CVE advisoryCRITICAL

CVE-2023-6173

TeoBASE allows attackers to steal customer data or disrupt services.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

An external attacker can exploit a flaw in TeoSOFT TeoBASE to bypass login security and gain administrative access. Once inside, they can steal credentials and alter sensitive database records, leading to data theft and unauthorized system changes.

NVD published: March 27, 2024