CVE-2023-49716 - OpenCVE

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Emerson	Gc370xa Firmware Gc700xa Firmware Gc700xa Gc1500xa Gc370xa Gc1500xa Firmware

Configuration 1 [-]

AND

cpe:2.3:o:emerson:gc370xa_firmware:4.1.5:*:*:*:*:*:*:*

cpe:2.3:h:emerson:gc370xa:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:emerson:gc700xa_firmware:4.1.5:*:*:*:*:*:*:*

cpe:2.3:h:emerson:gc700xa:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:emerson:gc1500xa_firmware:4.1.5:*:*:*:*:*:*:*

cpe:2.3:h:emerson:gc1500xa:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01	Third Party Advisory US Government Resource
https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2024-02-09T03:45:37.621Z

Updated: 2024-02-09T03:45:37.621Z

Reserved: 2024-01-03T00:41:24.597Z

Link: CVE-2023-49716

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-02-09T04:15:08.007

Modified: 2024-02-15T07:23:22.473

Link: CVE-2023-49716

JSON object: View

Redhat Information

No data.

CWE

CWE-77

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-49716", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2024-01-03T00:41:24.597Z", "datePublished": "2024-02-09T03:45:37.621Z", "dateUpdated": "2024-02-09T03:45:37.621Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Rosemount GC370XA", "vendor": "Emerson", "versions": [{"lessThanOrEqual": "Version 4.1.5", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Rosemount GC700XA", "vendor": "Emerson", "versions": [{"lessThanOrEqual": "Version 4.1.5", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Rosemount GC1500XA", "vendor": "Emerson", "versions": [{"lessThanOrEqual": "Version 4.1.5", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Vera Mens of Claroty Research reported these vulnerabilities to Emerson."}], "datePublic": "2024-01-30T17:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer.</span>\n\n"}], "value": "\nIn Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77 Command Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2024-02-09T03:45:37.621Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01"}, {"url": "https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Emerson recommends end users update the affected products' firmware. For update information, contact </span><a target=\"_blank\" rel=\"nofollow\">Emerson Tech Support</a><span style=\"background-color: rgb(255, 255, 255);\">. Emerson recommends end users continue to use current cybersecurity industry best practices, and in the event such infrastructure is not implemented within an end user's network, the user should take action to ensure the affected product is connected to a well-protected network and not connected to the Internet. For more information, refer to the </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.emerson.com/en-us/support/security-notifications\">Emerson Security</a><span style=\"background-color: rgb(255, 255, 255);\"> web page.</span>\n\n<br>"}], "value": "\nEmerson recommends end users update the affected products' firmware. For update information, contact Emerson Security https://www.emerson.com/en-us/support/security-notifications \u00a0web page.\n\n\n"}], "source": {"advisory": "ICSA-24-030-01", "discovery": "EXTERNAL"}, "title": "Emerson Rosemount GC370XA, GC700XA, GC1500XA Command Injection", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:gc370xa_firmware:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "0366C834-5B10-4E1E-85F7-139361C04C2B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:gc370xa:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EF5297A-99CA-4D56-8081-1F987B770426", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:gc700xa_firmware:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "57FCACE0-20E6-469A-AD42-011B5CF7AF89", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:gc700xa:-:*:*:*:*:*:*:*", "matchCriteriaId": "FDE8CBE2-CA78-4B35-AA04-13247025AF8E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:gc1500xa_firmware:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "ECAE53AD-7F73-467B-B8BB-0F13F520EAE4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:gc1500xa:-:*:*:*:*:*:*:*", "matchCriteriaId": "0FD3C3C1-67EA-4366-8CFD-D41702E634BE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nIn Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer.\n\n"}, {"lang": "es", "value": "En los productos Emerson Rosemount GC370XA, GC700XA y GC1500XA, un usuario autenticado con acceso a la red podr\u00eda ejecutar comandos arbitrarios desde una maquina remota."}], "id": "CVE-2023-49716", "lastModified": "2024-02-15T07:23:22.473", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 4.7, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2024-02-09T04:15:08.007", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Vendor Advisory"], "url": "https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}