SB2023122226 - Multiple vulnerabilities in Honeywell Saia PG5 Controls Suite
Published: December 22, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 7 secuirty vulnerabilities.
1) Path traversal (CVE-ID: CVE-2023-51599)
The vulnerability allows a remote attacker to compromise the affected system.
2) XML External Entity injection (CVE-ID: CVE-2023-51601)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can trick the victim to open a specially crafted XML file and view contents of arbitrary files on the system or initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
3) XML External Entity injection (CVE-ID: CVE-2023-51602)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can trick the victim to open a specially crafted XML file and view contents of arbitrary files on the system or initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
4) Path traversal (CVE-ID: CVE-2023-51603)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to input validation error when processing directory traversal sequences within CAB files. A remote attacker can trick the victim to open a specially crafted CAB file and overwrite arbitrary files on the system.
5) XML External Entity injection (CVE-ID: CVE-2023-51604)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can trick the victim to open a specially crafted XML file and view contents of arbitrary files on the system or initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
6) XML External Entity injection (CVE-ID: CVE-2023-51605)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can trick the victim to open a specially crafted XML file and view contents of arbitrary files on the system or initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
7) XML External Entity injection (CVE-ID: CVE-2023-51600)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can trick the victim to open a specially crafted XML file and view contents of arbitrary files on the system or initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- https://www.zerodayinitiative.com/advisories/ZDI-23-1848/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1850/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1851/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1852/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1853/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1854/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1849/