CVE-2023-40151 (GCVE-0-2023-40151)
Vulnerability from cvelistv5
Published
2023-11-21 00:11
Modified
2024-08-02 18:24
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-749 - Exposed Dangerous Method Or Function
Summary
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP the RTU will simply accept the message with no authentication challenge.
References
Impacted products
Vendor Product Version
Red Lion Controls ST-IPm-8460 Version: 6.0.202
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:24:55.459Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.redlion.net/hc/en-us/articles/19339209248269-RLCSIM-2023-05-Authentication-Bypass-and-Remote-Code-Execution"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ST-IPm-8460",
          "vendor": "Red Lion Controls",
          "versions": [
            {
              "status": "affected",
              "version": "6.0.202"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ST-IPm-6350",
          "vendor": "Red Lion Controls",
          "versions": [
            {
              "status": "affected",
              "version": "4.9.114"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VT-mIPm-135-D",
          "vendor": "Red Lion Controls",
          "versions": [
            {
              "status": "affected",
              "version": "4.9.114"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VT-mIPm-245-D",
          "vendor": "Red Lion Controls",
          "versions": [
            {
              "status": "affected",
              "version": "4.9.114"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VT-IPm2m-213-D",
          "vendor": "Red Lion Controls",
          "versions": [
            {
              "status": "affected",
              "version": "4.9.114"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VT-IPm2m-113-D",
          "vendor": "Red Lion Controls",
          "versions": [
            {
              "status": "affected",
              "version": "4.9.114"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Nitsan Litov of Claroty Research - Team82 reported these vulnerabilities to CISA."
        }
      ],
      "datePublic": "2023-11-16T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhen user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP the RTU will simply accept the message with no authentication challenge.\u003c/span\u003e\n\n\u003c/span\u003e\n\n"
            }
          ],
          "value": "\n\n\nWhen user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP the RTU will simply accept the message with no authentication challenge.\n\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-749",
              "description": "CWE-749  Exposed Dangerous Method Or Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-21T00:11:10.081Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-01"
        },
        {
          "url": "https://support.redlion.net/hc/en-us/articles/19339209248269-RLCSIM-2023-05-Authentication-Bypass-and-Remote-Code-Execution"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eRed Lion recommends users apply the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.redlion.net/hc/en-us/articles/19338927539981-SixTRAK-and-VersaTRAK-Security-Patch-RLCSIM-2023-05\"\u003elatest patches\u003c/a\u003e\u0026nbsp;to their products.\u003c/p\u003e\u003cp\u003eRed Lion recommends users apply additional mitigations to help reduce the risk:\u003c/p\u003e\u003cul\u003e\u003cli\u003eEnable user authentication, see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.redlion.net/hc/en-us/articles/18190385510797-ACCESS-RTU-and-IO-How-to-install-a-patch-or-package-to-the-RTU\"\u003eRed Lion instructions\u003c/a\u003e.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eBlocking all or most Sixnet UDR messages over TCP/IP will eliminate authentication bypass. Sixnet UDR messages over TCP/IP will be ignored.\u003c/p\u003e\u003cp\u003eTo block all Sixnet UDR messages over TCP/IP install Patch1_tcp_udr_all_blocked.tar.gz.\u003c/p\u003e\u003cul\u003e\u003cli\u003eST-IPm-8460 \u2013 Install 8313_patch1_tcp_udr_all_blocked.tar.gz\u003c/li\u003e\u003cli\u003eST-IPm-6350/VT-mIPm-245-D/VT-mIPm-135-D/VT-IPm2m-213-D/VT-IPm2m-113-D \u2013 Install 855_patch1_tcp_udr_all_blocked.tar.gz\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eTo block all Sixnet UDR messages except I/O commands over TCP/IP and UDP/IP install Patch2_io_open.tar.gz.\u003c/p\u003e\u003cul\u003e\u003cli\u003eST-IPm-8460 \u2013 Install 8313_patch2_io_open.tar.gz\u003c/li\u003e\u003cli\u003eST-IPm-6350/VT-mIPm-245-D/VT-mIPm-135-D/VT-IPm2m-213-D/VT-IPm2m-113-D \u2013 Install 855_patch2_io_open.tar.gz\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eTo Block all Sixnet UDR messages over TCP/IP:\u003c/p\u003e\u003cul\u003e\u003cli\u003eEnable iptables rules to block TCP/IP traffic.\u003c/li\u003e\u003cli\u003eIn the Sixnet I/O Tool Kit go to Configuration\u0026gt;Configuration Station/Module\u0026gt;\"Ports\" tab\u0026gt;Security.\u003c/li\u003e\u003cli\u003eSelect the \"Load the this file with each station load\" radio button to load a custom rc.firewall configuration file. The rules below will allow all other traffic except Sixnet UDR over TCP/IP. Please Note: Two rules that are added in by default were removed because they will block all traffic going into the interface.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eRemove these rules from the default rc.firewall file:\u003c/p\u003e\u003cul\u003e\u003cli\u003eiptables -P INPUT DROP (Drops everything coming in)\u003c/li\u003e\u003cli\u003eiptables -P FORWARD DROP (Drops everything in FORWARD chain)\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eAdd one DROP rule which will drop all TCP/IP packet coming on UDR port 1594 by typing the following commands:\u003c/p\u003e\u003cul\u003e\u003cli\u003einsmodip_tables (Initialization)\u003c/li\u003e\u003cli\u003einsmodiptable_filter (Initialization)\u003c/li\u003e\u003cli\u003einsmodip_conntrack (Initialization)\u003c/li\u003e\u003cli\u003einsmodiptable_nat (Initialization)\u003c/li\u003e\u003cli\u003eiptables -F INPUT (Flushes INPUT chain)\u003c/li\u003e\u003cli\u003eiptables -F OUTPUT (Flushes OUTPUT chain)\u003c/li\u003e\u003cli\u003eiptables -F FORWARD (Flushes FORWARD chain)\u003c/li\u003e\u003cli\u003eiptables -Z (Zero counters)\u003c/li\u003e\u003cli\u003eiptables -P OUTPUT ACCEPT (Drops everything coming in, everything in FORWARD chain, and accepts everything going out)\u003c/li\u003e\u003cli\u003eiptables -A INPUT -p tcp --dport 1594 -j DROP (Allows local traffic and blocks all TCP traffic coming from 1594)\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor installation instructions see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.redlion.net/hc/en-us/articles/18190385510797-ACCESS-RTU-and-IO-How-to-install-a-patch-or-package-to-the-RTU\"\u003eRed Lion\u0027s support page\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eFor more information, please refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.redlion.net/hc/en-us/articles/19339209248269-RLCSIM-2023-05-Authentication-Bypass-and-Remote-Code-Execution\"\u003eRed Lion\u2019s security bulletin\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "\nRed Lion recommends users apply the  latest patches https://support.redlion.net/hc/en-us/articles/19338927539981-SixTRAK-and-VersaTRAK-Security-Patch-RLCSIM-2023-05 \u00a0to their products.\n\nRed Lion recommends users apply additional mitigations to help reduce the risk:\n\n  *  Enable user authentication, see  Red Lion instructions https://support.redlion.net/hc/en-us/articles/18190385510797-ACCESS-RTU-and-IO-How-to-install-a-patch-or-package-to-the-RTU .\n\n\nBlocking all or most Sixnet UDR messages over TCP/IP will eliminate authentication bypass. Sixnet UDR messages over TCP/IP will be ignored.\n\nTo block all Sixnet UDR messages over TCP/IP install Patch1_tcp_udr_all_blocked.tar.gz.\n\n  *  ST-IPm-8460 \u2013 Install 8313_patch1_tcp_udr_all_blocked.tar.gz\n  *  ST-IPm-6350/VT-mIPm-245-D/VT-mIPm-135-D/VT-IPm2m-213-D/VT-IPm2m-113-D \u2013 Install 855_patch1_tcp_udr_all_blocked.tar.gz\n\n\nTo block all Sixnet UDR messages except I/O commands over TCP/IP and UDP/IP install Patch2_io_open.tar.gz.\n\n  *  ST-IPm-8460 \u2013 Install 8313_patch2_io_open.tar.gz\n  *  ST-IPm-6350/VT-mIPm-245-D/VT-mIPm-135-D/VT-IPm2m-213-D/VT-IPm2m-113-D \u2013 Install 855_patch2_io_open.tar.gz\n\n\nTo Block all Sixnet UDR messages over TCP/IP:\n\n  *  Enable iptables rules to block TCP/IP traffic.\n  *  In the Sixnet I/O Tool Kit go to Configuration\u003eConfiguration Station/Module\u003e\"Ports\" tab\u003eSecurity.\n  *  Select the \"Load the this file with each station load\" radio button to load a custom rc.firewall configuration file. The rules below will allow all other traffic except Sixnet UDR over TCP/IP. Please Note: Two rules that are added in by default were removed because they will block all traffic going into the interface.\n\n\nRemove these rules from the default rc.firewall file:\n\n  *  iptables -P INPUT DROP (Drops everything coming in)\n  *  iptables -P FORWARD DROP (Drops everything in FORWARD chain)\n\n\nAdd one DROP rule which will drop all TCP/IP packet coming on UDR port 1594 by typing the following commands:\n\n  *  insmodip_tables (Initialization)\n  *  insmodiptable_filter (Initialization)\n  *  insmodip_conntrack (Initialization)\n  *  insmodiptable_nat (Initialization)\n  *  iptables -F INPUT (Flushes INPUT chain)\n  *  iptables -F OUTPUT (Flushes OUTPUT chain)\n  *  iptables -F FORWARD (Flushes FORWARD chain)\n  *  iptables -Z (Zero counters)\n  *  iptables -P OUTPUT ACCEPT (Drops everything coming in, everything in FORWARD chain, and accepts everything going out)\n  *  iptables -A INPUT -p tcp --dport 1594 -j DROP (Allows local traffic and blocks all TCP traffic coming from 1594)\n\n\nFor installation instructions see  Red Lion\u0027s support page https://support.redlion.net/hc/en-us/articles/18190385510797-ACCESS-RTU-and-IO-How-to-install-a-patch-or-package-to-the-RTU .\n\nFor more information, please refer to  Red Lion\u2019s security bulletin https://support.redlion.net/hc/en-us/articles/19339209248269-RLCSIM-2023-05-Authentication-Bypass-and-Remote-Code-Execution .\n\n\n\n\n"
        }
      ],
      "source": {
        "advisory": "ICSA-23-320-01",
        "discovery": "EXTERNAL"
      },
      "title": "Red Lion Controls Sixnet RTU Exposed Dangerous Method Or Function",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2023-40151",
    "datePublished": "2023-11-21T00:11:10.081Z",
    "dateReserved": "2023-09-18T22:41:48.086Z",
    "dateUpdated": "2024-08-02T18:24:55.459Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-40151\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2023-11-21T00:15:06.953\",\"lastModified\":\"2024-11-21T08:18:52.653\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\n\\n\\nWhen user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP the RTU will simply accept the message with no authentication challenge.\\n\\n\\n\\n\"},{\"lang\":\"es\",\"value\":\"Cuando la autenticaci\u00f3n de usuario no est\u00e1 habilitada, el shell puede ejecutar comandos con los privilegios m\u00e1s altos. Red Lion SixTRAK y VersaTRAK Series RTU con usuarios autenticados habilitados (UDR-A), cualquier mensaje Sixnet UDR enfrentar\u00e1 un desaf\u00edo de autenticaci\u00f3n a trav\u00e9s de UDP/IP. Cuando llega el mismo mensaje a trav\u00e9s de TCP/IP, la RTU simplemente aceptar\u00e1 el mensaje sin desaf\u00edo de autenticaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-749\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlioncontrols:st-ipm-6350_firmware:4.9.114:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"685CF00F-7FEC-4DC9-BBAF-4B83A51ABB53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlioncontrols:st-ipm-6350:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAB3B611-15F5-4921-A8C8-89B0D0A00AA2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlioncontrols:st-ipm-8460_firmware:6.0.202:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"491A31DC-903F-467B-815E-0AC7FA349147\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlioncontrols:st-ipm-8460:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CAC9FF0-38FA-4C34-8082-C592CB02F0AC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlioncontrols:vt-mipm-135-d_firmware:4.9.114:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"618F8D7E-6154-461F-BBCF-A69BFDE5CA5E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlioncontrols:vt-mipm-135-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BEFDF88-C073-4336-AD11-7707260A105E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlioncontrols:vt-mipm-245-d_firmware:4.9.114:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2473CC87-6ADB-4159-AA7C-4112C913678C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlioncontrols:vt-mipm-245-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E26FEC2-6332-4F68-8FF5-3A941E91A105\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlioncontrols:vt-ipm2m-213-d_firmware:4.9.114:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FF18734-7D47-4DC5-A0C2-4F39298EFF26\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlioncontrols:vt-ipm2m-213-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C184211-9CF8-499B-B8D4-EBC58134FF6F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlioncontrols:vt-ipm2m-113-d_firmware:4.9.114:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A231928-AF55-4697-B0A3-C92ECEAF523B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlioncontrols:vt-ipm2m-113-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2F4E6FF-1358-4105-AEEC-C7AD34D00EA6\"}]}]}],\"references\":[{\"url\":\"https://support.redlion.net/hc/en-us/articles/19339209248269-RLCSIM-2023-05-Authentication-Bypass-and-Remote-Code-Execution\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://support.redlion.net/hc/en-us/articles/19339209248269-RLCSIM-2023-05-Authentication-Bypass-and-Remote-Code-Execution\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.