CVE-2023-6248

EPSS 1.68%
Veröffentlicht 21.11.2023 22:15:08
Zuletzt bearbeitet 21.11.2024 08:43:27
Quelle cve@asrg.io
CVE-Watchlists
Login
Unerledigt
Login

The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 device connected to the cloud service. The MQTT server also leaks the location, video and diagnostic data from each connected device. An attacker who knows the IP address of the server is able to connect and perform the following operations:

  *  Get location data of the vehicle the device is connected to
  *  Send CAN bus messages via the ECU module ( https://syrus.digitalcomtech.com/docs/ecu-1 https://syrus.digitalcomtech.com/docs/ecu-1 )

  *  Immobilize the vehicle via the safe-immobilizer module ( https://syrus.digitalcomtech.com/docs/system-tools#safe-immobilization https://syrus.digitalcomtech.com/docs/system-tools#safe-immobilization )

  *  Get live video through the connected video camera

  *  Send audio messages to the driver ( https://syrus.digitalcomtech.com/docs/system-tools#apx-tts https://syrus.digitalcomtech.com/docs/system-tools#apx-tts )

Betroffene Produkte Warnungen 0 Metriken 3 CWE 4 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Digitalcomtech ≫ Syrus 4g Iot Telematics Gateway Firmware Versionapex-23.43.2

Digitalcomtech ≫ Syrus 4g Iot Telematics Gateway Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.68%	0.816

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cve@asrg.io	10	3.9	6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

https://www.digitalcomtech.com/product/syrus-4g-iot-telematics-gateway/

Product

https://nvd.nist.gov/vuln/detail/CVE-2023-6248

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-6248

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-6248

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-6248