CVE-2023-6061 - OpenCVE

Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This issue arises from the applications improperly searching for and loading dynamic link libraries, potentially allowing an attacker to execute malicious code via a DLL with a matching name in an accessible search path. The affected components are: * MMXFax.exe * winfax.dll * MelSim2ComProc.exe * Sim2ComProc.dll * MMXCall_in.exe * libdxxmt.dll * libsrlmt.dll

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Iconics	Iconics Suite

Configuration 1 [-]

cpe:2.3:a:iconics:iconics_suite:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://gist.github.com/AsherDLL/abdd2334ac8872999d73ba7b20328c21

History

No history.

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2023-12-07T23:21:22.755Z

Updated: 2024-08-02T08:21:17.173Z

Reserved: 2023-11-09T18:55:45.555Z

Link: CVE-2023-6061

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-12-08T00:15:07.853

Modified: 2023-12-12T22:24:14.313

Link: CVE-2023-6061

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6061", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2023-11-09T18:55:45.555Z", "datePublished": "2023-12-07T23:21:22.755Z", "dateUpdated": "2024-08-02T08:21:17.173Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "platforms": ["Windows"], "product": "SCADA software Iconics Suite", "vendor": "ICONICS", "versions": [{"lessThan": "*", "status": "affected", "version": "10.97.2", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Asher Davila of Palo Alto Networks"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Malav Vyas of Palo Alto Networks"}], "datePublic": "2023-12-07T21:47:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This issue arises from the applications improperly searching for and loading dynamic link libraries, potentially allowing an attacker to execute malicious code via a DLL with a matching name in an accessible search path. The affected components are:<br><ul><li><b><span style=\"background-color: transparent;\">MMXFax.exe</span></b><ul><li>winfax.dll<br></li></ul></li><li><b><b>MelSim2ComProc.exe</b></b></li><ul><li>Sim2ComProc.dll</li></ul></ul><ul><li><span style=\"background-color: transparent;\"><b><span style=\"background-color: transparent;\"><b><span style=\"background-color: transparent;\"><b><span style=\"background-color: transparent;\">MMXCall_in.exe</span></b></span></b></span></b><ul><li><span style=\"background-color: transparent;\"><span style=\"background-color: transparent;\">libdxxmt.dll</span></span></li><li><span style=\"background-color: transparent;\"><span style=\"background-color: transparent;\">libsrlmt.dll</span><br></span></li></ul></span></li></ul>"}], "value": "Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This issue arises from the applications improperly searching for and loading dynamic link libraries, potentially allowing an attacker to execute malicious code via a DLL with a matching name in an accessible search path. The affected components are:\n * MMXFax.exe * winfax.dll\n\n\n\n\n * MelSim2ComProc.exe\n * Sim2ComProc.dll\n\n\n\n\n * MMXCall_in.exe * libdxxmt.dll\n * libsrlmt.dll\n\n\n\n\n\n\n"}], "impacts": [{"capecId": "CAPEC-641", "descriptions": [{"lang": "en", "value": "CAPEC-641 DLL Side-Loading"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-427", "description": "CWE-427 Uncontrolled Search Path Element", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-426", "description": "CWE-426 Untrusted Search Path", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2023-12-07T23:46:17.446Z"}, "references": [{"url": "https://gist.github.com/AsherDLL/abdd2334ac8872999d73ba7b20328c21"}], "source": {"discovery": "EXTERNAL"}, "title": "Phantom DLL Vulnerability in Iconics Suite", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:21:17.173Z"}, "title": "CVE Program Container", "references": [{"url": "https://gist.github.com/AsherDLL/abdd2334ac8872999d73ba7b20328c21", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:iconics:iconics_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA4B9AA7-6305-4870-8299-1D00DF33DA0A", "versionEndExcluding": "10.97.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This issue arises from the applications improperly searching for and loading dynamic link libraries, potentially allowing an attacker to execute malicious code via a DLL with a matching name in an accessible search path. The affected components are:\n * MMXFax.exe * winfax.dll\n\n\n\n\n * MelSim2ComProc.exe\n * Sim2ComProc.dll\n\n\n\n\n * MMXCall_in.exe * libdxxmt.dll\n * libsrlmt.dll\n\n\n\n\n\n\n"}, {"lang": "es", "value": "Varios componentes de Iconics SCADA Suite son propensos a una vulnerabilidad de carga Phantom DLL. Este problema surge cuando las aplicaciones buscan y cargan librer\u00edas de v\u00ednculos din\u00e1micos de manera inadecuada, lo que potencialmente permite que un atacante ejecute c\u00f3digo malicioso a trav\u00e9s de una DLL con un nombre coincidente en una ruta de b\u00fasqueda accesible. Los componentes afectados son: * MMXFax.exe * winfax.dll * MelSim2ComProc.exe * Sim2ComProc.dll * MMXCall_in.exe * libdxxmt.dll * libsrlmt.dll"}], "id": "CVE-2023-6061", "lastModified": "2023-12-12T22:24:14.313", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.2, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2023-12-08T00:15:07.853", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://gist.github.com/AsherDLL/abdd2334ac8872999d73ba7b20328c21"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}, {"lang": "en", "value": "CWE-427"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-426"}, {"lang": "en", "value": "CWE-427"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}