CVE-2023-2625 - OpenCVE

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Abb	Txpert Hub Coretec 4 Txpert Hub Coretec 4 Firmware

Configuration 1 [-]

AND

cpe:2.3:h:abb:txpert_hub_coretec_4:-:*:*:*:*:*:*:*

cpe:2.3:o:abb:txpert_hub_coretec_4_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000163&LanguageCode=en&DocumentPartId=&Action=Launch

History

No history.

MITRE

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2023-06-28T16:15:46.529Z

Updated: 2024-08-02T06:26:09.908Z

Reserved: 2023-05-10T10:31:57.900Z

Link: CVE-2023-2625

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-06-28T17:15:10.627

Modified: 2023-07-06T16:10:43.413

Link: CVE-2023-2625

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-2625", "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "state": "PUBLISHED", "assignerShortName": "Hitachi Energy", "dateReserved": "2023-05-10T10:31:57.900Z", "datePublished": "2023-06-28T16:15:46.529Z", "dateUpdated": "2024-08-02T06:26:09.908Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TXpert Hub CoreTec 4", "vendor": "Hitachi Energy", "versions": [{"status": "affected", "version": "TXpert Hub CoreTec 4 version 2.0.*"}, {"status": "affected", "version": "TXpert Hub CoreTec 4 version 2.1.*"}, {"status": "affected", "version": "TXpert Hub CoreTec 4 version 2.2.*"}, {"status": "affected", "version": "TXpert Hub CoreTec 4 version 2.3.*"}, {"status": "affected", "version": "TXpert Hub CoreTec 4 version 2.4.*"}, {"status": "unaffected", "version": "TXpert Hub CoreTec 4 version 3.0.1"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system."}], "value": "A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy", "dateUpdated": "2023-06-28T16:15:46.529Z"}, "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000163&LanguageCode=en&DocumentPartId=&Action=Launch"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The vulnerability is remediated in TXpert Hub CoreTec 4 version 3.0.1."}], "value": "The vulnerability is remediated in\u00a0TXpert Hub CoreTec 4 version 3.0.1."}], "source": {"discovery": "UNKNOWN"}, "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nApply mitigation as described in the cybersecurity advisory Mitigation Factors/Workarounds Section.\n\n<br>"}], "value": "\nApply mitigation as described in the cybersecurity advisory Mitigation Factors/Workarounds Section.\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:26:09.908Z"}, "title": "CVE Program Container", "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000163&LanguageCode=en&DocumentPartId=&Action=Launch", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:abb:txpert_hub_coretec_4:-:*:*:*:*:*:*:*", "matchCriteriaId": "9597F443-3693-451E-9EDA-66092ADB78E3", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:abb:txpert_hub_coretec_4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "65472456-E16E-454B-86D3-84F2469D3809", "versionEndExcluding": "3.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system."}], "id": "CVE-2023-2625", "lastModified": "2023-07-06T16:10:43.413", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}, "published": "2023-06-28T17:15:10.627", "references": [{"source": "cybersecurity@hitachienergy.com", "tags": ["Vendor Advisory"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000163&LanguageCode=en&DocumentPartId=&Action=Launch"}], "sourceIdentifier": "cybersecurity@hitachienergy.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}