CVE-2023-1399 - OpenCVE

N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device’s default configuration and achieve remote code execution.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Keysight	N6854a N6854a Firmware

Configuration 1 [-]

AND

cpe:2.3:o:keysight:n6854a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:keysight:n6854a:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-01	Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2023-03-27T15:11:46.873Z

Updated: 2023-03-27T15:11:46.873Z

Reserved: 2023-03-14T14:44:01.960Z

Link: CVE-2023-1399

JSON object: View

NVD Information

Status : Modified

Published: 2023-03-27T16:15:09.890

Modified: 2023-11-07T04:03:30.110

Link: CVE-2023-1399

JSON object: View

Redhat Information

No data.

CWE

CWE-502

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-1399", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2023-03-14T14:44:01.960Z", "datePublished": "2023-03-27T15:11:46.873Z", "dateUpdated": "2023-03-27T15:11:46.873Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "N6854A Geolocation Server", "vendor": "Keysight Technologies", "versions": [{"lessThanOrEqual": "2.4.2", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "An anonymous individual working with Trend Micro\u2019s Zero Day Initiative reported this vulnerability to CISA."}], "datePublic": "2023-03-21T17:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device\u2019s default configuration and achieve remote code execution.</span>"}], "value": "\nN6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device\u2019s default configuration and achieve remote code execution."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "CWE-502 Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-03-27T15:11:46.873Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-01"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Keysight recommends upgrading the N6854A Geolocation server to version </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.keysight.com/us/en/lib/software-detail/computer-software/n6854a-geolocation-server-and-n6841a-rf-sensor-software-sw319.html\">2.4.3</a><span style=\"background-color: rgb(255, 255, 255);\">.</span>\n\n<br>"}], "value": "\nKeysight recommends upgrading the N6854A Geolocation server to version 2.4.3 https://www.keysight.com/us/en/lib/software-detail/computer-software/n6854a-geolocation-server-and-n6841a-rf-sensor-software-sw319.html .\n\n\n"}], "source": {"advisory": "ICSA-23-080-01", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:keysight:n6854a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "275BC2F4-12BD-49E6-9631-DBFEBEF51EB2", "versionEndIncluding": "2.4.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:keysight:n6854a:-:*:*:*:*:*:*:*", "matchCriteriaId": "685A10D5-092D-48D5-92F8-5D960A825E93", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nN6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device\u2019s default configuration and achieve remote code execution."}], "id": "CVE-2023-1399", "lastModified": "2023-11-07T04:03:30.110", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-03-27T16:15:09.890", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-502"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}