Multiple vulnerabilities in Voltronic Power ViewPower
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 12 |
| CVE-ID | CVE-2023-51576 CVE-2023-51579 CVE-2023-51574 CVE-2023-51575 CVE-2023-51577 CVE-2023-51581 CVE-2023-51582 CVE-2023-51583 CVE-2023-51584 CVE-2023-51585 CVE-2023-51587 CVE-2023-51578 |
| CWE-ID | CWE-502 CWE-276 CWE-287 CWE-749 CWE-78 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
ViewPower Server applications / SCADA systems |
| Vendor | Voltronic Power |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
1) Deserialization of Untrusted Data
EUVDB-ID: #VU84682
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-51576
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data within the RMI interface on port 51099/TCP. A remote attacker can pass specially crafted request to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1882/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Incorrect default permissions
EUVDB-ID: #VU84681
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-51579
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrect default permissions for files and folders that are set by the product installer. A local user with access to the system can view contents of files and directories or modify them.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1885/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Authentication
EUVDB-ID: #VU84680
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-51574
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication.
The
vulnerability exist due to an error within the updateManagerPassword
method. A remote attacker can set a new password for the manager account
and gain unauthorized access to the application.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1880/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Exposed dangerous method or function
EUVDB-ID: #VU84679
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-51575
CWE-ID:
CWE-749 - Exposed Dangerous Method or Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of a dangerous function within the MonitorConsole class. A remote attacker can send a specially crafted request to the application and execute arbitrary code on the system. MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1881/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Exposed dangerous method or function
EUVDB-ID: #VU84678
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-51577
CWE-ID:
CWE-749 - Exposed Dangerous Method or Function
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1883/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Exposed dangerous method or function
EUVDB-ID: #VU84677
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-51581
CWE-ID:
CWE-749 - Exposed Dangerous Method or Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of a dangerous function within the MacMonitorConsole class. A remote attacker can send a specially crafted request to the application and execute arbitrary code on the system. MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1886/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Exposed dangerous method or function
EUVDB-ID: #VU84676
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-51582
CWE-ID:
CWE-749 - Exposed Dangerous Method or Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of a dangerous function within the LinuxMonitorConsole class. A remote attacker can send a specially crafted request to the application and execute arbitrary code on the system. MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1887/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Exposed dangerous method or function
EUVDB-ID: #VU84675
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-51583
CWE-ID:
CWE-749 - Exposed Dangerous Method or Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of a dangerous function within the UpsScheduler class. A remote attacker can send a specially crafted request to the application and execute arbitrary code on the system.Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1888/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Exposed dangerous method or function
EUVDB-ID: #VU84674
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-51584
CWE-ID:
CWE-749 - Exposed Dangerous Method or Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of a dangerous function within the USBCommEx shutdown method. A remote attacker can trick the administrator to trigger a shutdown operation and execute arbitrary code on the system.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1889/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) OS Command Injection
EUVDB-ID: #VU84673
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-51585
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation within the USBCommEx shutdown method. A remote unauthenticated attacker can trick ab authenticated administrator to trigger a shutdown operation and execute arbitrary OS commands on the target system.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1890/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Information disclosure
EUVDB-ID: #VU84672
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-51587
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application within the getModbusPassword method. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1892/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Exposed dangerous method or function
EUVDB-ID: #VU84671
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-51578
CWE-ID:
CWE-749 - Exposed Dangerous Method or Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to usage of a dangerous method within the MonitorConsole class. A remote attacker can send a specially crafted HTTP request to the application and perform a denial of service (DoS) attack.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsViewPower: All versions
CPE2.3 External linkshttps://www.zerodayinitiative.com/advisories/ZDI-23-1884/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
