CVE-2023-32202 - Vulnerability Details - OpenCVE

Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00044.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Walchem	Intuition 9 Intuition 9 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:walchem:intuition_9_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:walchem:intuition_9:-:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-36460	Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.

Fixes

Solution

Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem website https://www.walchem.com/ .

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04

History

Mon, 30 Sep 2024 20:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-08-23T21:18:39.418Z

Updated: 2024-09-30T19:13:33.969Z

Reserved: 2023-07-18T21:44:31.737Z

Link: CVE-2023-32202

Vulnrichment

Updated: 2024-08-02T15:10:23.865Z

NVD

Status : Modified

Published: 2023-08-23T22:15:07.873

Modified: 2024-11-21T08:02:53.537

Link: CVE-2023-32202

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32202", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2023-07-18T21:44:31.737Z", "datePublished": "2023-08-23T21:18:39.418Z", "dateUpdated": "2024-09-30T19:13:33.969Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Intuition 9", "vendor": "Walchem", "versions": [{"lessThan": "4.21", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Noam Moshe of Claroty Research - Team82"}], "datePublic": "2023-08-17T18:53:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.</span><br>"}], "value": "Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-08-23T21:18:39.418Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.walchem.com/\">website</a><span style=\"background-color: rgb(255, 255, 255);\">.</span><br>"}], "value": "Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem website https://www.walchem.com/ .\n"}], "source": {"advisory": "icsa-23-229-04", "discovery": "EXTERNAL"}, "title": "Walchem Intuition Improper Authentication", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:10:23.865Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-30T19:09:06.529219Z", "id": "CVE-2023-32202", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-30T19:13:33.969Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:10:23.865Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-32202", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-30T19:09:06.529219Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-30T19:13:29.625Z"}}], "cna": {"title": "Walchem Intuition Improper Authentication", "source": {"advisory": "icsa-23-229-04", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Noam Moshe of Claroty Research - Team82"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Walchem", "product": "Intuition 9", "versions": [{"status": "affected", "version": "0", "lessThan": "4.21", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem website https://www.walchem.com/ .\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.walchem.com/\">website</a><span style=\"background-color: rgb(255, 255, 255);\">.</span><br>", "base64": false}]}], "datePublic": "2023-08-17T18:53:00.000Z", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-08-23T21:18:39.418Z"}}}, "cveMetadata": {"cveId": "CVE-2023-32202", "state": "PUBLISHED", "dateUpdated": "2024-09-30T19:13:33.969Z", "dateReserved": "2023-07-18T21:44:31.737Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2023-08-23T21:18:39.418Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:walchem:intuition_9_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4646AA8D-0D63-4026-AB76-29D13BFEAE8B", "versionEndExcluding": "4.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:walchem:intuition_9:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E7C1440-FDB8-49F9-B2A1-981AEE899035", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.\n"}, {"lang": "es", "value": "Las versiones de firmware de Walchem Intuition 9 anteriores a la v4.21 son vulnerables a una autenticaci\u00f3n incorrecta. Las credenciales de inicio de sesi\u00f3n se almacenan en un formato que podr\u00eda permitir a un atacante utilizarlas tal cual para iniciar sesi\u00f3n y obtener acceso al dispositivo. "}], "id": "CVE-2023-32202", "lastModified": "2024-11-21T08:02:53.537", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-23T22:15:07.873", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}