CVE-2023-32202 - OpenCVE

Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Walchem	Intuition 9 Firmware Intuition 9

Configuration 1 [-]

AND

cpe:2.3:o:walchem:intuition_9_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:walchem:intuition_9:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04	Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2023-08-23T21:18:39.418Z

Updated: 2023-08-23T21:18:39.418Z

Reserved: 2023-07-18T21:44:31.737Z

Link: CVE-2023-32202

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-08-23T22:15:07.873

Modified: 2023-09-05T14:52:21.310

Link: CVE-2023-32202

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-32202", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2023-07-18T21:44:31.737Z", "datePublished": "2023-08-23T21:18:39.418Z", "dateUpdated": "2023-08-23T21:18:39.418Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Intuition 9", "vendor": "Walchem", "versions": [{"lessThan": "4.21", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Noam Moshe of Claroty Research - Team82"}], "datePublic": "2023-08-17T18:53:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.</span><br>"}], "value": "Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-08-23T21:18:39.418Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.walchem.com/\">website</a><span style=\"background-color: rgb(255, 255, 255);\">.</span><br>"}], "value": "Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem website https://www.walchem.com/ .\n"}], "source": {"advisory": "icsa-23-229-04", "discovery": "EXTERNAL"}, "title": "Walchem Intuition Improper Authentication", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:walchem:intuition_9_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4646AA8D-0D63-4026-AB76-29D13BFEAE8B", "versionEndExcluding": "4.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:walchem:intuition_9:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E7C1440-FDB8-49F9-B2A1-981AEE899035", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.\n"}, {"lang": "es", "value": "Las versiones de firmware de Walchem Intuition 9 anteriores a la v4.21 son vulnerables a una autenticaci\u00f3n incorrecta. Las credenciales de inicio de sesi\u00f3n se almacenan en un formato que podr\u00eda permitir a un atacante utilizarlas tal cual para iniciar sesi\u00f3n y obtener acceso al dispositivo. "}], "id": "CVE-2023-32202", "lastModified": "2023-09-05T14:52:21.310", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-08-23T22:15:07.873", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}