Rewterz Threat Advisory – Multiple Dell Products Vulnerabilities
November 17, 2023
Severity
Medium
Analysis Summary
CVE-2023-5984 CVSS:7.2
Schneider Electric PowerLogic ION8650 and ION8800 could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in which code is downloaded without an integrity check. By using a specially crafted file, an attacker could exploit this vulnerability to start a firmware update procedure.
CVE-2023-5985 CVSS:4.8
Schneider Electric PowerLogic ION8650 and ION8800 are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-5986 CVSS:8.2
Schneider Electric EcoStruxure products could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially crafted URL to redirect a victim to arbitrary Web sites.
CVE-2023-5987 CVSS:6.1
Schneider Electric EcoStruxure products are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-6032 CVSS:5.3
Schneider Electric Galaxy VS and VL could allow a remote attacker to traverse directories on the system, caused by improper validation of user requests by the Network Management Card. An attacker could send a specially crafted URL request containing “dot dot” sequences (/../) to perform file system enumeration and file download.
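A defender-side check for the "dot dot" requests described under CVE-2023-6032, added here as an example that is not part of the original advisory or any Schneider Electric code: it scans web or proxy access logs for request paths containing a `..` segment, including percent-encoded and double-encoded forms. The Common Log Format layout, the sample lines, and all function names are constructed assumptions.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed sample proxy log lines (Common Log Format); hosts and paths are made up.
SAMPLE_LOG = """\
10.0.0.5 - - [17/Nov/2023:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512
10.0.0.9 - - [17/Nov/2023:10:01:07 +0000] "GET /logs/../../etc/config HTTP/1.1" 200 2048
10.0.0.9 - - [17/Nov/2023:10:01:09 +0000] "GET /logs/%2e%2e/%2e%2e/etc/config HTTP/1.1" 200 2048
10.0.0.9 - - [17/Nov/2023:10:01:11 +0000] "GET /logs/%252e%252e%255cdata HTTP/1.1" 404 0
10.0.0.7 - - [17/Nov/2023:10:02:00 +0000] "GET /docs/v1..2/notes.txt HTTP/1.1" 200 100
"""

# client address, request target, response status
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:[A-Z]+) (\S+) HTTP/[\d.]+" (\d{3})')

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded sequences (%252e) are exposed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(target):
    """True if any path segment is exactly '..' after decoding (query string ignored)."""
    path = fully_decode(urlsplit(target).path).replace("\\", "/")
    return ".." in path.split("/")

def find_traversal_requests(log_text):
    """Return (client, raw_target, status) for each log line with a traversal segment."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if m and has_traversal(m.group(2)):
            hits.append((m.group(1), m.group(2), int(m.group(3))))
    return hits

if __name__ == "__main__":
    for client, target, status in find_traversal_requests(SAMPLE_LOG):
        print(f"{client} {status} {target}")
```

Matching on whole path segments rather than the substring `..` keeps file names such as `v1..2` from raising false alerts.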
Impact
- Security Bypass
- Cross-Site Scripting
- Gain Access
- Information Theft
Indicators Of Compromise
CVE
- CVE-2023-5984
- CVE-2023-5985
- CVE-2023-5986
- CVE-2023-5987
- CVE-2023-6032
Affected Vendors
Schneider Electric
Affected Products
- Schneider Electric PowerLogic ION8800
- Schneider Electric PowerLogic ION8650
- Schneider Electric EcoStruxure Power Monitoring Expert 2020
- Schneider Electric EcoStruxure Power Monitoring Expert 2021
- Schneider Electric EcoStruxure Power Operation (EPO) Advanced Reporting and Dashboards Module 2020
- Schneider Electric EcoStruxure Power Operation (EPO) Advanced Reporting and Dashboards Module 2021
- Schneider Electric EcoStruxure Power SCADA Operation (PSO) Advanced Reporting and Dashboards Module 2020
- Schneider Electric Galaxy VS 6.82
- Schneider Electric Galaxy VL 12.21
Remediation
Refer to Schneider Electric Security Advisory for patch, upgrade or suggested workaround information.