CVE-2023-36859 - Vulnerability Details - OpenCVE

PiiGAB M-Bus SoftwarePack 900S does not correctly sanitize user input, which could allow an attacker to inject arbitrary commands.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Piigab	M-bus 900s M-bus 900s Firmware

Configuration 1 [-]

AND

cpe:2.3:o:piigab:m-bus_900s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:piigab:m-bus_900s:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01

History

Thu, 14 Nov 2024 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-07-06T22:51:51.453Z

Updated: 2024-11-14T14:04:50.853Z

Reserved: 2023-06-27T16:55:52.743Z

Link: CVE-2023-36859

Vulnrichment

Updated: 2024-08-02T17:01:09.731Z

NVD

Status : Modified

Published: 2023-07-06T23:15:09.707

Modified: 2024-11-21T08:10:47.590

Link: CVE-2023-36859

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-36859", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2023-06-27T16:55:52.743Z", "datePublished": "2023-07-06T22:51:51.453Z", "dateUpdated": "2024-11-14T14:04:50.853Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "M-Bus SoftwarePack", "vendor": "PiiGAB ", "versions": [{"status": "affected", "version": "900S"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Floris Hendriks and Jeroen Wijenbergh of Radboud University reported these vulnerabilities to CISA."}], "datePublic": "2023-07-06T22:42:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">PiiGAB M-Bus \n\n<span style=\"background-color: rgb(255, 255, 255);\">SoftwarePack 900S</span>\n\ndoes not correctly sanitize user input, which could allow an attacker to inject arbitrary commands.</span>\n\n"}], "value": "\nPiiGAB M-Bus \n\nSoftwarePack 900S\n\ndoes not correctly sanitize user input, which could allow an attacker to inject arbitrary commands.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "description": "CWE-94 Code Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-07-06T22:51:51.453Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">PiiGAB created updated software to address these issues and encourages users to install the new update on their own gateway. The new software packages can be downloaded directly from the web UI in the gateway and older gateways can download it from </span><a target=\"_blank\" rel=\"nofollow\" href=\"http://www.piigab.se/\">Piigab.se</a><span style=\"background-color: rgb(255, 255, 255);\"> or </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.piigab.com/\">Piigab.com</a><span style=\"background-color: rgb(255, 255, 255);\">.</span>\n\n<br>"}], "value": "\nPiiGAB created updated software to address these issues and encourages users to install the new update on their own gateway. The new software packages can be downloaded directly from the web UI in the gateway and older gateways can download it from Piigab.se http://www.piigab.se/ \u00a0or Piigab.com https://www.piigab.com/ .\n\n\n"}], "source": {"discovery": "EXTERNAL"}, "title": "PiiGAB M-Bus Code Injection", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:</p><ul><li>Ensure the least-privilege user principle is followed.</li><li>Set unique and secure passwords for all products requiring authentication.</li><li>Minimize network exposure for all control system devices and/or systems, and ensure they are <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01\">not accessible from the Internet</a>.</li><li>Locate control system networks and remote devices behind firewalls and isolate them from business networks.</li><li>When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.</li></ul>\n\n<br>"}], "value": "\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Ensure the least-privilege user principle is followed.\n * Set unique and secure passwords for all products requiring authentication.\n * Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 .\n * Locate control system networks and remote devices behind firewalls and isolate them from business networks.\n * When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n\n\n\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:01:09.731Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "piigab", "product": "m-bus_900s", "cpes": ["cpe:2.3:h:piigab:m-bus_900s:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "900s", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-14T14:04:21.721492Z", "id": "CVE-2023-36859", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-14T14:04:50.853Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:01:09.731Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-36859", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-14T14:04:21.721492Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:piigab:m-bus_900s:-:*:*:*:*:*:*:*"], "vendor": "piigab", "product": "m-bus_900s", "versions": [{"status": "affected", "version": "900s"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-14T14:04:46.067Z"}}], "cna": {"title": "PiiGAB M-Bus Code Injection", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Floris Hendriks and Jeroen Wijenbergh of Radboud University reported these vulnerabilities to CISA."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "PiiGAB ", "product": "M-Bus SoftwarePack", "versions": [{"status": "affected", "version": "900S"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "\nPiiGAB created updated software to address these issues and encourages users to install the new update on their own gateway. The new software packages can be downloaded directly from the web UI in the gateway and older gateways can download it from Piigab.se http://www.piigab.se/ \u00a0or Piigab.com https://www.piigab.com/ .\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">PiiGAB created updated software to address these issues and encourages users to install the new update on their own gateway. The new software packages can be downloaded directly from the web UI in the gateway and older gateways can download it from </span><a target=\"_blank\" rel=\"nofollow\" href=\"http://www.piigab.se/\">Piigab.se</a><span style=\"background-color: rgb(255, 255, 255);\"> or </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.piigab.com/\">Piigab.com</a><span style=\"background-color: rgb(255, 255, 255);\">.</span>\n\n<br>", "base64": false}]}], "datePublic": "2023-07-06T22:42:00.000Z", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01"}], "workarounds": [{"lang": "en", "value": "\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Ensure the least-privilege user principle is followed.\n * Set unique and secure passwords for all products requiring authentication.\n * Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 .\n * Locate control system networks and remote devices behind firewalls and isolate them from business networks.\n * When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n\n\n\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<p>CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:</p><ul><li>Ensure the least-privilege user principle is followed.</li><li>Set unique and secure passwords for all products requiring authentication.</li><li>Minimize network exposure for all control system devices and/or systems, and ensure they are <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01\">not accessible from the Internet</a>.</li><li>Locate control system networks and remote devices behind firewalls and isolate them from business networks.</li><li>When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.</li></ul>\n\n<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nPiiGAB M-Bus \n\nSoftwarePack 900S\n\ndoes not correctly sanitize user input, which could allow an attacker to inject arbitrary commands.\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">PiiGAB M-Bus \n\n<span style=\"background-color: rgb(255, 255, 255);\">SoftwarePack 900S</span>\n\ndoes not correctly sanitize user input, which could allow an attacker to inject arbitrary commands.</span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Code Injection"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-07-06T22:51:51.453Z"}}}, "cveMetadata": {"cveId": "CVE-2023-36859", "state": "PUBLISHED", "dateUpdated": "2024-11-14T14:04:50.853Z", "dateReserved": "2023-06-27T16:55:52.743Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2023-07-06T22:51:51.453Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:piigab:m-bus_900s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "04FDDDC1-90D6-4638-862E-2FDC640EA917", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:piigab:m-bus_900s:-:*:*:*:*:*:*:*", "matchCriteriaId": "748F8510-1EC7-4F5A-AF34-F9E84E526C78", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nPiiGAB M-Bus \n\nSoftwarePack 900S\n\ndoes not correctly sanitize user input, which could allow an attacker to inject arbitrary commands.\n\n"}], "id": "CVE-2023-36859", "lastModified": "2024-11-21T08:10:47.590", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-07-06T23:15:09.707", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}