CVE-2023-25915 - Vulnerability Details - OpenCVE

Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Danfoss	Ak-sm 800a Ak-sm 800a Firmware

Configuration 1 [-]

AND

cpe:2.3:o:danfoss:ak-sm_800a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:danfoss:ak-sm_800a:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://csirt.divd.nl/CVE-2023-25915
https://csirt.divd.nl/DIVD-2023-00025

History

Wed, 16 Oct 2024 12:00:00 +0000

Type	Values Removed	Values Added
Description	Due to improper input validation, a remote attacker could execute arbitrary commands on the target system.	Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system.
Title	Remote Command Execution in Danfoss AK-SM800A	Authenticated Remote Command Execution in Danfoss AK-SM800A

Thu, 03 Oct 2024 20:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:o:danfoss:ak-sm_800a_firmware:-:::::::*
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: DIVD

Published: 2023-08-21T20:30:02.375Z

Updated: 2024-10-16T11:52:22.846Z

Reserved: 2023-02-16T14:22:41.966Z

Link: CVE-2023-25915

Vulnrichment

Updated: 2024-08-02T11:32:12.619Z

NVD

Status : Modified

Published: 2023-08-21T21:15:09.170

Modified: 2024-11-21T07:50:25.357

Link: CVE-2023-25915

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-25915", "assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", "state": "PUBLISHED", "assignerShortName": "DIVD", "dateReserved": "2023-02-16T14:22:41.966Z", "datePublished": "2023-08-21T20:30:02.375Z", "dateUpdated": "2024-10-16T11:52:22.846Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "AK-SM800A", "vendor": "Danfoss", "versions": [{"status": "affected", "version": "< 3.3"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Synacktiv"}, {"lang": "en", "type": "analyst", "user": "00000000-0000-4000-9000-000000000000", "value": "Max van der Horst (DIVD)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system."}], "value": "Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", "shortName": "DIVD", "dateUpdated": "2024-10-16T11:52:22.846Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://csirt.divd.nl/CVE-2023-25915"}, {"tags": ["third-party-advisory"], "url": "https://csirt.divd.nl/DIVD-2023-00025"}], "source": {"discovery": "EXTERNAL"}, "title": "Authenticated Remote Command Execution in Danfoss AK-SM800A", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Upgrade to the latest patch, which is version 3.3."}], "value": "Upgrade to the latest patch, which is version 3.3."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:32:12.619Z"}, "title": "CVE Program Container", "references": [{"tags": ["third-party-advisory", "x_transferred"], "url": "https://csirt.divd.nl/CVE-2023-25915"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://csirt.divd.nl/DIVD-2023-00025"}]}, {"affected": [{"vendor": "danfoss", "product": "ak-sm_800a_firmware", "cpes": ["cpe:2.3:o:danfoss:ak-sm_800a_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.3", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-03T19:42:57.224088Z", "id": "CVE-2023-25915", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-03T19:49:03.078Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://csirt.divd.nl/CVE-2023-25915", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://csirt.divd.nl/DIVD-2023-00025", "tags": ["third-party-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:32:12.619Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-25915", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-03T19:42:57.224088Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:danfoss:ak-sm_800a_firmware:-:*:*:*:*:*:*:*"], "vendor": "danfoss", "product": "ak-sm_800a_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "3.3"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-03T19:48:18.921Z"}}], "cna": {"title": "Authenticated Remote Command Execution in Danfoss AK-SM800A", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Synacktiv"}, {"lang": "en", "type": "analyst", "user": "00000000-0000-4000-9000-000000000000", "value": "Max van der Horst (DIVD)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Danfoss", "product": "AK-SM800A", "versions": [{"status": "affected", "version": "< 3.3"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://csirt.divd.nl/CVE-2023-25915", "tags": ["third-party-advisory"]}, {"url": "https://csirt.divd.nl/DIVD-2023-00025", "tags": ["third-party-advisory"]}], "workarounds": [{"lang": "en", "value": "Upgrade to the latest patch, which is version 3.3.", "supportingMedia": [{"type": "text/html", "value": "Upgrade to the latest patch, which is version 3.3.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system.", "supportingMedia": [{"type": "text/html", "value": "Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", "shortName": "DIVD", "dateUpdated": "2024-10-16T11:52:22.846Z"}}}, "cveMetadata": {"cveId": "CVE-2023-25915", "state": "PUBLISHED", "dateUpdated": "2024-10-16T11:52:22.846Z", "dateReserved": "2023-02-16T14:22:41.966Z", "assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", "datePublished": "2023-08-21T20:30:02.375Z", "assignerShortName": "DIVD"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:danfoss:ak-sm_800a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FE57274-BA94-492A-9D3A-A74F047E9EF4", "versionEndIncluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:danfoss:ak-sm_800a:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4EC90A1-18C1-4509-96DF-A528E2AF5989", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system."}, {"lang": "es", "value": "Debido a una validaci\u00f3n de entrada incorrecta, un atacante remoto podr\u00eda ejecutar comandos arbitrarios en el sistema objetivo."}], "id": "CVE-2023-25915", "lastModified": "2024-11-21T07:50:25.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "csirt@divd.nl", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-21T21:15:09.170", "references": [{"source": "csirt@divd.nl", "tags": ["Third Party Advisory"], "url": "https://csirt.divd.nl/CVE-2023-25915"}, {"source": "csirt@divd.nl", "tags": ["Third Party Advisory"], "url": "https://csirt.divd.nl/DIVD-2023-00025"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://csirt.divd.nl/CVE-2023-25915"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://csirt.divd.nl/DIVD-2023-00025"}], "sourceIdentifier": "csirt@divd.nl", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "csirt@divd.nl", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}