CVE-2023-3548 - Vulnerability Details - OpenCVE

An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00134.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Johnsoncontrols	Iq Wifi 6 Iq Wifi 6 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:johnsoncontrols:iq_wifi_6_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:johnsoncontrols:iq_wifi_6:-:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-44204	An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.

Fixes

Solution

Upgrade IQ Wifi 6 firmware to version 2.0.2. The firmware update will be pushed to all available devices in the field. The firmware update can also be manually loaded by applying the patch tag “iqwifi2.0.2” on the device after navigating to its firmware update page.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-23-206-04
https://www.johnsoncontrols.com/cyber-solutions/security-advisories

History

Wed, 23 Oct 2024 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: jci

Published: 2023-07-25T13:01:04.564Z

Updated: 2024-10-23T19:01:43.727Z

Reserved: 2023-07-07T19:02:52.585Z

Link: CVE-2023-3548

Vulnrichment

Updated: 2024-08-02T07:01:56.452Z

NVD

Status : Modified

Published: 2023-07-25T14:15:11.123

Modified: 2024-11-21T08:17:30.860

Link: CVE-2023-3548

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-3548", "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "state": "PUBLISHED", "assignerShortName": "jci", "dateReserved": "2023-07-07T19:02:52.585Z", "datePublished": "2023-07-25T13:01:04.564Z", "dateUpdated": "2024-10-23T19:01:43.727Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "IQ Wifi 6", "vendor": "Johnson Controls", "versions": [{"lessThan": "2.0.2", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2023-07-25T12:56:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.<br>"}], "value": "An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.\n"}], "impacts": [{"capecId": "CAPEC-112", "descriptions": [{"lang": "en", "value": "CAPEC-112 Brute Force"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-307", "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "shortName": "jci", "dateUpdated": "2023-07-25T13:01:04.564Z"}, "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-206-04"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Upgrade IQ Wifi 6 firmware to version 2.0.2.<br>The firmware update will be pushed to all available devices in the field.<br>The firmware update can also be manually loaded by applying the patch tag \u201ciqwifi2.0.2\u201d on the device after navigating to its firmware update page.<br><br>"}], "value": "Upgrade\u00a0IQ Wifi 6 firmware to version 2.0.2.\nThe firmware update will be pushed to all available devices in the field.\nThe firmware update can also be manually loaded by applying the patch tag \u201ciqwifi2.0.2\u201d on the device after navigating to its firmware update page.\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "IQ Wifi 6", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:01:56.452Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", "tags": ["x_transferred"]}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-206-04", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "johnsoncontrols", "product": "iq_wifi_6", "cpes": ["cpe:2.3:h:johnsoncontrols:iq_wifi_6:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "2.0.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-23T19:00:40.374965Z", "id": "CVE-2023-3548", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-23T19:01:43.727Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", "tags": ["x_transferred"]}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-206-04", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:01:56.452Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-3548", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-23T19:00:40.374965Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:johnsoncontrols:iq_wifi_6:-:*:*:*:*:*:*:*"], "vendor": "johnsoncontrols", "product": "iq_wifi_6", "versions": [{"status": "affected", "version": "0", "lessThan": "2.0.2", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-23T19:01:26.910Z"}}], "cna": {"title": "IQ Wifi 6", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-112", "descriptions": [{"lang": "en", "value": "CAPEC-112 Brute Force"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Johnson Controls", "product": "IQ Wifi 6", "versions": [{"status": "affected", "version": "0", "lessThan": "2.0.2", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade\u00a0IQ Wifi 6 firmware to version 2.0.2.\nThe firmware update will be pushed to all available devices in the field.\nThe firmware update can also be manually loaded by applying the patch tag \u201ciqwifi2.0.2\u201d on the device after navigating to its firmware update page.\n\n", "supportingMedia": [{"type": "text/html", "value": "Upgrade IQ Wifi 6 firmware to version 2.0.2.<br>The firmware update will be pushed to all available devices in the field.<br>The firmware update can also be manually loaded by applying the patch tag \u201ciqwifi2.0.2\u201d on the device after navigating to its firmware update page.<br><br>", "base64": false}]}], "datePublic": "2023-07-25T12:56:00.000Z", "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-206-04"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.\n", "supportingMedia": [{"type": "text/html", "value": "An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-307", "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts"}]}], "providerMetadata": {"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "shortName": "jci", "dateUpdated": "2023-07-25T13:01:04.564Z"}}}, "cveMetadata": {"cveId": "CVE-2023-3548", "state": "PUBLISHED", "dateUpdated": "2024-10-23T19:01:43.727Z", "dateReserved": "2023-07-07T19:02:52.585Z", "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "datePublished": "2023-07-25T13:01:04.564Z", "assignerShortName": "jci"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:johnsoncontrols:iq_wifi_6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C3EC23F-AA4E-473B-A5C5-037190DEE5DE", "versionEndExcluding": "2.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:johnsoncontrols:iq_wifi_6:-:*:*:*:*:*:*:*", "matchCriteriaId": "92A28D29-1960-4635-9AC7-AEB8EA927319", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.\n"}], "id": "CVE-2023-3548", "lastModified": "2024-11-21T08:17:30.860", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.7, "source": "productsecurity@jci.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-07-25T14:15:11.123", "references": [{"source": "productsecurity@jci.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-206-04"}, {"source": "productsecurity@jci.com", "tags": ["Vendor Advisory"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-206-04"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}], "sourceIdentifier": "productsecurity@jci.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-307"}], "source": "productsecurity@jci.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-307"}], "source": "nvd@nist.gov", "type": "Primary"}]}