CVE-2023-3548 - OpenCVE

An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Johnsoncontrols	Iq Wifi 6 Firmware Iq Wifi 6

Configuration 1 [-]

AND

cpe:2.3:o:johnsoncontrols:iq_wifi_6_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:johnsoncontrols:iq_wifi_6:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-206-04	Third Party Advisory US Government Resource
https://www.johnsoncontrols.com/cyber-solutions/security-advisories	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jci

Published: 2023-07-25T13:01:04.564Z

Updated: 2023-07-25T13:01:04.564Z

Reserved: 2023-07-07T19:02:52.585Z

Link: CVE-2023-3548

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-07-25T14:15:11.123

Modified: 2023-08-03T13:44:45.523

Link: CVE-2023-3548

JSON object: View

Redhat Information

No data.

CWE

CWE-307

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-3548", "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "state": "PUBLISHED", "assignerShortName": "jci", "dateReserved": "2023-07-07T19:02:52.585Z", "datePublished": "2023-07-25T13:01:04.564Z", "dateUpdated": "2023-07-25T13:01:04.564Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "IQ Wifi 6", "vendor": "Johnson Controls", "versions": [{"lessThan": "2.0.2", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2023-07-25T12:56:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.<br>"}], "value": "An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.\n"}], "impacts": [{"capecId": "CAPEC-112", "descriptions": [{"lang": "en", "value": "CAPEC-112 Brute Force"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-307", "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "shortName": "jci", "dateUpdated": "2023-07-25T13:01:04.564Z"}, "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-206-04"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Upgrade IQ Wifi 6 firmware to version 2.0.2.<br>The firmware update will be pushed to all available devices in the field.<br>The firmware update can also be manually loaded by applying the patch tag \u201ciqwifi2.0.2\u201d on the device after navigating to its firmware update page.<br><br>"}], "value": "Upgrade\u00a0IQ Wifi 6 firmware to version 2.0.2.\nThe firmware update will be pushed to all available devices in the field.\nThe firmware update can also be manually loaded by applying the patch tag \u201ciqwifi2.0.2\u201d on the device after navigating to its firmware update page.\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "IQ Wifi 6", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:johnsoncontrols:iq_wifi_6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C3EC23F-AA4E-473B-A5C5-037190DEE5DE", "versionEndExcluding": "2.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:johnsoncontrols:iq_wifi_6:-:*:*:*:*:*:*:*", "matchCriteriaId": "92A28D29-1960-4635-9AC7-AEB8EA927319", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.\n"}], "id": "CVE-2023-3548", "lastModified": "2023-08-03T13:44:45.523", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.7, "source": "productsecurity@jci.com", "type": "Secondary"}]}, "published": "2023-07-25T14:15:11.123", "references": [{"source": "productsecurity@jci.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-206-04"}, {"source": "productsecurity@jci.com", "tags": ["Vendor Advisory"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}], "sourceIdentifier": "productsecurity@jci.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-307"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-307"}], "source": "productsecurity@jci.com", "type": "Secondary"}]}