CVE-2023-22807 - OpenCVE

LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Ls-electric	Xbc-dn32u Firmware Xbc-dn32u

Configuration 1 [-]

AND

cpe:2.3:o:ls-electric:xbc-dn32u_firmware:01.80:*:*:*:*:*:*:*

cpe:2.3:h:ls-electric:xbc-dn32u:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-02	Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2023-02-15T17:29:47.415Z

Updated: 2023-02-15T17:29:47.415Z

Reserved: 2023-01-06T18:49:55.855Z

Link: CVE-2023-22807

JSON object: View

NVD Information

Status : Modified

Published: 2023-02-15T18:15:12.087

Modified: 2023-11-07T04:07:25.663

Link: CVE-2023-22807

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-22807", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2023-01-06T18:49:55.855Z", "datePublished": "2023-02-15T17:29:47.415Z", "dateUpdated": "2023-02-15T17:29:47.415Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "XBC-DN32U", "vendor": "LS Electric", "versions": [{"status": "affected", "version": "Operating System Version 01.80"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "HeeA Go of Dankook University reported these vulnerabilities"}], "datePublic": "2023-02-09T21:05:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol.</p>"}], "value": "LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-02-15T17:29:47.415Z"}, "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-02"}], "source": {"discovery": "EXTERNAL"}, "title": "CVE-2023-22807", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>LS ELECTRIC is developing mitigations (to be released tentatively by the end of 2023) and recommends users follow the provided workarounds to reduce the risk of exploitation: </p><ul><li>Restrict communication to the PLC to only trusted IP addresses and trusted devices by enabling the \u201cHost Table\u201d option in the configuration window of the PLC. </li></ul>\n\n<br>"}], "value": "\nLS ELECTRIC is developing mitigations (to be released tentatively by the end of 2023) and recommends users follow the provided workarounds to reduce the risk of exploitation: \n\n * Restrict communication to the PLC to only trusted IP addresses and trusted devices by enabling the \u201cHost Table\u201d option in the configuration window of the PLC. \n\n\n\n\n\n"}], "x_generator": {"engine": "VINCE 2.0.6", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-22807"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ls-electric:xbc-dn32u_firmware:01.80:*:*:*:*:*:*:*", "matchCriteriaId": "242DFA36-841D-457E-B4B7-592A73993C76", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ls-electric:xbc-dn32u:-:*:*:*:*:*:*:*", "matchCriteriaId": "78A41BC8-F37E-41EE-BA99-AC992AC24F32", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol.\n\n"}], "id": "CVE-2023-22807", "lastModified": "2023-11-07T04:07:25.663", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-02-15T18:15:12.087", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-02"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}