Multiple vulnerabilities in Socomec MOD3GP-SY-120K



Risk High
Patch available NO
Number of vulnerabilities 7
CVE-ID CVE-2023-38582
CVE-2023-39446
CVE-2023-41965
CVE-2023-41084
CVE-2023-40221
CVE-2023-39452
CVE-2023-38255
CWE-ID CWE-79
CWE-352
CWE-200
CWE-565
CWE-94
CWE-256
Exploitation vector Network
Public exploit N/A
Vulnerable software
MOD3GP-SY-120K
Hardware solutions / Other hardware appliances

Vendor Socomec

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Stored cross-site scripting

EUVDB-ID: #VU80544

Risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-38582

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web application within the MAIL_RCV field. A remote attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

MOD3GP-SY-120K: 01.12.10

CPE2.3 External links

http://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Cross-site request forgery

EUVDB-ID: #VU80545

Risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-39446

CWE-ID: CWE-352 - Cross-Site Request Forgery (CSRF)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform cross-site request forgery attacks.

The vulnerability exists due to insufficient validation of the HTTP request origin. A remote user can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

MOD3GP-SY-120K: 01.12.10

CPE2.3 External links

http://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU80546

Risk: Medium

CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-41965

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the lack of security in the authentication process. A remote attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

MOD3GP-SY-120K: 01.12.10

CPE2.3 External links

http://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Reliance on Cookies without Validation and Integrity Checking

EUVDB-ID: #VU80547

Risk: High

CVSSv3.1: 9.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-41084

CWE-ID: CWE-565 - Reliance on Cookies without Validation and Integrity Checking

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to session management within the web application is incorrect. A remote attacker can steal session cookies to perform a multitude of actions that the web app allows on the device.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

MOD3GP-SY-120K: 01.12.10

CPE2.3 External links

http://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Code Injection

EUVDB-ID: #VU80548

Risk: High

CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-40221

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation in the "MAIL_RCV" parameter. A remote attacker can send a specially crafted request and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

MOD3GP-SY-120K: 01.12.10

CPE2.3 External links

http://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Unprotected storage of credentials

EUVDB-ID: #VU80549

Risk: Medium

CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-39452

CWE-ID: CWE-256 - Unprotected Storage of Credentials

Exploit availability: No

Description

The vulnerability allows a local user to gain access to other users' credentials.

The vulnerability exists due to application stored credentials in plain text in a configuration file on the system. A local user can view contents of the configuration file and gain access to passwords for 3rd party integration.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

MOD3GP-SY-120K: 01.12.10

CPE2.3 External links

http://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Stored cross-site scripting

EUVDB-ID: #VU80550

Risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-38255

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

MOD3GP-SY-120K: 01.12.10

CPE2.3 External links

http://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###