Multiple vulnerabilities in Softing Secure Integration Server



Risk Low
Patch available NO
Number of vulnerabilities 6
CVE-ID CVE-2023-39482
CVE-2023-29377
CVE-2023-39478
CVE-2023-39479
CVE-2023-39480
CVE-2023-39481
CWE-ID CWE-321
CWE-22
CWE-668
CWE-94
CWE-436
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Secure Integration Server
Other software / Other software solutions

Vendor Softing AG

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Use of Hard-coded Cryptographic Key

EUVDB-ID: #VU79343

Risk: Low

CVSSv3.1: 4.5 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-39482

CWE-ID: CWE-321 - Use of Hard-coded Cryptographic Key

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to the usage of a hard-coded cryptograhic key within libopcuaclient.so. A remote administrator can gain unauthorized access to sensitive information on the system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Secure Integration Server: All versions

CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-23-1064/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Path traversal

EUVDB-ID: #VU79360

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-29377

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote user to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote administrator can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Secure Integration Server: All versions

CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-23-1055/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU79359

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-39478

CWE-ID: CWE-668 - Exposure of resource to wrong sphere

Exploit availability: No

Description

The vulnerability allows a remote user to compromise the system.

The vulnerability exists due to exposure of resource to wrong sphere within the handling of OPC FileDirectory namespaces. A remote administrator can execute arbitrary code in the context of root.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Secure Integration Server: All versions

CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-23-1060/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Path traversal

EUVDB-ID: #VU79358

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-39479

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote user to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote administrator can send a specially crafted HTTP request and create arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Secure Integration Server: All versions

CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-23-1061/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Code Injection

EUVDB-ID: #VU79352

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-39480

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to improper access to the filesystem within the handling of FileDirectory OPC UA Objects. A remote administrator can execute arbitrary code on the target system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Secure Integration Server: All versions

CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-23-1062/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Interpretation Conflict

EUVDB-ID: #VU79351

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-39481

CWE-ID: CWE-436 - Interpretation Conflict

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to inconsistency in URI parsing between NGINX and application code within the web server. A remote administrator can execute arbitrary code on the target system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Secure Integration Server: All versions

CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-23-1063/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###