#VU83341 Exposed dangerous method or function in Red Lion Controls products - CVE-2023-40151


Vulnerability identifier: #VU83341

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-40151

CWE-ID: CWE-749

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ST-IPm-8460
Hardware solutions / Routers & switches, VoIP, GSM, etc
ST-IPm-6350
Hardware solutions / Routers & switches, VoIP, GSM, etc
VT-mIPm-135-D
Hardware solutions / Routers & switches, VoIP, GSM, etc
VT-mIPm-245-D
Hardware solutions / Routers & switches, VoIP, GSM, etc
VT-IPm2m-213-D
Hardware solutions / Routers & switches, VoIP, GSM, etc
VT-IPm2m-113-D
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: Red Lion Controls

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to exposed dangerous method or function. A remote attacker can gain access to the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

ST-IPm-8460: 6.0.202

ST-IPm-6350: 4.9.114

VT-mIPm-135-D: 4.9.114

VT-mIPm-245-D: 4.9.114

VT-IPm2m-213-D: 4.9.114

VT-IPm2m-113-D: 4.9.114

External links
https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-01
https://support.redlion.net/hc/en-us/articles/19339209248269-RLCSIM-2023-05-Authentication-Bypass-and-Remote-Code-Execution

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Red Lion Sixnet RTUs