CVE-2023-46383

7.5 HIGH

📋 TL;DR

LOYTEC LINX Configurator sends authentication credentials over plain HTTP as base64-encoded HTTP Basic Authorization headers. Base64 is an encoding, not encryption, so anyone who can observe the traffic can decode the username and password. This affects all versions of the LOYTEC LINX Configurator software used to configure building automation devices.

💻 Affected Systems

Products:
  • LOYTEC electronics GmbH LINX Configurator
Versions: All versions
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the configuration software used to manage LOYTEC building automation devices. The vulnerability is in the authentication mechanism of the configurator software itself.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain full administrative control over building automation systems, potentially manipulating HVAC, lighting, security systems, or causing physical damage.

🟠

Likely Case

Attackers steal credentials and gain unauthorized access to device configurations, potentially modifying settings or deploying malicious configurations.

🟢

If Mitigated

Attackers can intercept credentials but cannot use them due to network segmentation, strong authentication requirements, or credential rotation.

🌐 Internet-Facing: HIGH - Any internet-exposed instances transmit credentials in cleartext that can be intercepted.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems can still intercept credentials on the network.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires network access to intercept HTTP traffic. Attackers need to capture authentication traffic between client and server.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: None available

Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01

Restart Required: No

Instructions:

No official patch available. Follow workarounds and mitigation steps below.

🔧 Temporary Workarounds

Enforce HTTPS/TLS (applies to: all)

Configure the LINX Configurator to use HTTPS with valid certificates instead of HTTP.

Network Segmentation (applies to: all)

Isolate LOYTEC configuration traffic to dedicated VLANs or network segments.

🧯 If You Can't Patch

  • Deploy network encryption via VPN tunnels for all LOYTEC configuration traffic
  • Implement strict network access controls and monitor for credential interception attempts

🔍 How to Verify

Check if Vulnerable:

Use a packet capture or network monitoring tool (on a SPAN port or on the configuring workstation) to capture traffic between the LINX Configurator client and the device. The installation is vulnerable if authentication goes over plain HTTP with an "Authorization: Basic" header; its base64 payload decodes directly to username:password.

Check Version:

Check the software version in the LINX Configurator About dialog or in the installation directory.

Verify Fix Applied:

Verify all configuration traffic uses HTTPS/TLS with valid certificates and no HTTP Basic Authentication headers are transmitted in cleartext.

📡 Detection & Monitoring

Log Indicators:

  • Failed authentication attempts from unexpected IPs
  • Configuration changes from unauthorized users

Network Indicators:

  • HTTP traffic with base64-encoded Authorization headers to LOYTEC configuration ports
  • Unencrypted authentication traffic on network

SIEM Query (generic pseudo-syntax; adapt the field names to your SIEM):

source_ip=* AND dest_port IN (80, 8080) AND http_method=POST AND http_uri CONTAINS "config" AND http_header CONTAINS "Authorization: Basic"
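The "Check if Vulnerable" step and the network indicators above both come down to one test: is an HTTP Basic Authorization header travelling over an unencrypted flow? The following script is an added example, not part of the advisory and not LOYTEC's or CISA's code. It runs the check over a constructed set of reassembled HTTP request streams (the hosts, ports, paths and credentials are made up). It generalizes the SIEM query slightly: rather than keying on ports 80 and 8080, it flags any flow that is not inside TLS, and it decodes only the username from the Basic token so the finding proves the credential is recoverable without logging the password.

```python
import base64
import binascii
import re
from typing import Dict, List, Optional

# Constructed sample of reassembled HTTP request streams, one per TCP flow.
# None of this is real LOYTEC traffic: hosts, ports, paths and credentials
# are made up for the example. The "tls" flag stands in for whatever your
# capture tool reports (for example a TLS handshake seen on the flow).
SAMPLE_FLOWS: List[Dict] = [
    {"src": "10.0.5.21", "dst": "10.0.5.200", "dport": 80, "tls": False,
     "data": ("POST /config/upload HTTP/1.1\r\n"
              "Host: 10.0.5.200\r\n"
              "Authorization: Basic YWRtaW46cGFzc3dvcmQxMjM=\r\n"
              "Content-Length: 0\r\n\r\n")},
    # Same request shape but inside TLS: the header is not observable, so skip.
    {"src": "10.0.5.22", "dst": "10.0.5.200", "dport": 443, "tls": True,
     "data": "<encrypted application data>"},
    # Cleartext but no Basic credentials: a Bearer token is a different finding.
    {"src": "10.0.5.23", "dst": "10.0.5.200", "dport": 8080, "tls": False,
     "data": ("GET /status HTTP/1.1\r\n"
              "Host: 10.0.5.200\r\n"
              "Authorization: Bearer abc.def.ghi\r\n\r\n")},
    # Cleartext Basic header whose token is not valid base64: still flagged,
    # because the header alone shows the client is using Basic over HTTP.
    {"src": "10.0.5.24", "dst": "10.0.5.200", "dport": 8080, "tls": False,
     "data": ("GET /config HTTP/1.1\r\n"
              "Authorization: Basic not-valid!\r\n\r\n")},
]

REQUEST_LINE = re.compile(r"^([A-Z]+)\s+(\S+)\s+HTTP/\d\.\d\r?$", re.MULTILINE)
BASIC_HEADER = re.compile(r"^Authorization:\s*Basic\s+(\S+)\s*\r?$",
                          re.IGNORECASE | re.MULTILINE)


def decode_basic_username(token: str) -> Optional[str]:
    """Return only the username from a Basic token, or None if it does not decode.

    The password is deliberately discarded: the check needs to prove the
    credential is recoverable from the wire, not to write it to a log.
    """
    try:
        raw = base64.b64decode(token, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    username, sep, _password = raw.partition(":")
    return username if sep else None


def find_cleartext_basic_auth(flows: List[Dict]) -> List[Dict]:
    """Flag every non-TLS flow that carries an HTTP Basic Authorization header."""
    findings = []
    for flow in flows:
        if flow["tls"]:
            continue  # encrypted: header not observable on the wire
        for header in BASIC_HEADER.finditer(flow["data"]):
            req = REQUEST_LINE.search(flow["data"])
            findings.append({
                "src": flow["src"],
                "dst": flow["dst"],
                "dport": flow["dport"],
                "method": req.group(1) if req else None,
                "uri": req.group(2) if req else None,
                "username": decode_basic_username(header.group(1)),
            })
    return findings


if __name__ == "__main__":
    for f in find_cleartext_basic_auth(SAMPLE_FLOWS):
        user = f["username"] or "<token does not decode>"
        print(f"{f['src']} -> {f['dst']}:{f['dport']} {f['method']} {f['uri']}: "
              f"Basic auth in cleartext (user={user})")
```

Feed the function whatever your capture tooling gives you for each flow (a reassembled request stream plus a TLS yes/no flag); a clean result after the HTTPS workaround is applied is the "Verify Fix Applied" check in code form.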
