Rewterz Threat Advisory – ICS: Multiple Schneider Electric Products Vulnerabilities
November 17, 2023
Severity
Medium
Analysis Summary
CVE-2023-2621 CVSS:6.5
Hitachi Energy MACH System Software could allow a remote attacker traverse directories on the system, caused by improper validation of archive contents by the McFeeder server in the MAIN computer system. By uploading a specially-crafted archive file to the McFeeder’s service endpoint containing “dot dot” sequences (/../), an attacker could exploit this vulnerability to write arbitrary files to the system.
CVE-2023-2622 CVSS:2.7
Hitachi Energy MACH System Software could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user requests by the MAIN Computer system in the InspectSetup service endpoint. An attacker could send a specially-crafted URL request using the using the remote procedure call protocol containing “dot dot” sequences (/../) to view arbitrary files on the system.
Impact
- Information Theft
Indicators Of Compromise
CVE
- CVE-2023-2621
- CVE-2023-2622
Affected Vendors
Hitachi
Affected Products
- Hitachi Energy MACH System Software 5
- Hitachi Energy MACH System Software 6
- Hitachi Energy MACH System Software 7.16
- Hitachi Energy MACH System Software 7.10.0.0
- Hitachi Energy MACH System Software 7.18.0.0
Remediation
Refer to HITACHI ENERGY Advisory for patch, upgrade or suggested workaround information.