{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-39457", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "state": "PUBLISHED", "assignerShortName": "zdi", "dateReserved": "2023-08-02T21:37:23.120Z", "datePublished": "2024-05-03T01:59:22.050Z", "dateUpdated": "2024-08-02T18:10:20.768Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-05-03T01:59:22.050Z"}, "title": "Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability", "descriptions": [{"lang": "en", "value": "Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists due to the lack of user authentication. The issue results from missing authentication in the default system configuration. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20501."}], "affected": [{"vendor": "Triangle MicroWorks", "product": "SCADA Data Gateway", "versions": [{"version": "5.1.3.20324", "status": "affected"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-306", "description": "CWE-306: Missing Authentication for Critical Function", "type": "CWE"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1025/", "name": "ZDI-23-1025", "tags": ["x_research-advisory"]}, {"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2023-08-02T21:44:31.367Z", "datePublic": "2023-08-04T18:14:52.000Z", "source": {"lang": "en", "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-39457", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-08T17:18:26.342775Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"], "vendor": "trianglemicroworks", "product": "scada_data_gateway", "versions": [{"status": "affected", "version": "5.1.3.20324"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:26:56.761Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:10:20.768Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1025/", "name": "ZDI-23-1025", "tags": ["x_research-advisory", "x_transferred"]}, {"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new", "name": "vendor-provided URL", "tags": ["vendor-advisory", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1025/", "name": "ZDI-23-1025", "tags": ["x_research-advisory", "x_transferred"]}, {"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new", "name": "vendor-provided URL", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:10:20.768Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-39457", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-08T17:18:26.342775Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"], "vendor": "trianglemicroworks", "product": "scada_data_gateway", "versions": [{"status": "affected", "version": "5.1.3.20324"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-08T17:18:34.841Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability", "source": {"lang": "en", "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "Triangle MicroWorks", "product": "SCADA Data Gateway", "versions": [{"status": "affected", "version": "5.1.3.20324"}], "defaultStatus": "unknown"}], "datePublic": "2023-08-04T18:14:52.000Z", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1025/", "name": "ZDI-23-1025", "tags": ["x_research-advisory"]}, {"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2023-08-02T21:44:31.367Z", "descriptions": [{"lang": "en", "value": "Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists due to the lack of user authentication. The issue results from missing authentication in the default system configuration. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20501."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306: Missing Authentication for Critical Function"}]}], "providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-05-03T01:59:22.050Z"}}}, "cveMetadata": {"cveId": "CVE-2023-39457", "state": "PUBLISHED", "dateUpdated": "2024-08-02T18:10:20.768Z", "dateReserved": "2023-08-02T21:37:23.120Z", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "datePublished": "2024-05-03T01:59:22.050Z", "assignerShortName": "zdi"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*", "matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists due to the lack of user authentication. The issue results from missing authentication in the default system configuration. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20501."}, {"lang": "es", "value": "Vulnerabilidad de autenticaci\u00f3n faltante en la puerta de enlace de datos SCADA de Triangle MicroWorks. Esta vulnerabilidad permite a atacantes remotos evitar la autenticaci\u00f3n en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe debido a la falta de autenticaci\u00f3n del usuario. El problema se debe a la falta de autenticaci\u00f3n en la configuraci\u00f3n predeterminada del sistema. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el contexto de la ra\u00edz. Era ZDI-CAN-20501."}], "id": "CVE-2023-39457", "lastModified": "2025-06-17T21:03:54.923", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}, "published": "2024-05-03T03:15:10.647", "references": [{"source": "zdi-disclosures@trendmicro.com", "tags": ["Release Notes"], "url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new"}, {"source": "zdi-disclosures@trendmicro.com", "tags": ["Third Party Advisory"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1025/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1025/"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}

{}

{}