CVE-2023-0052
Last modified
CVE-2023-0052 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands. . EPSS estimates a 0.71% chance of exploitation in the next 30 days.
Description
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sauter-Controls | Nova 220 Eyk220f001 Firmware | <= 3.3-006 |
| Sauter-Controls | Nova 230 Eyk230f001 Firmware | <= 3.3-006 |
| Sauter-Controls | Nova 106 Eyk300f001 Firmware | <= 3.3-006 |
| Sauter-Controls | Modunet300 Ey-Am300f001 Firmware | <= 3.3-006 |
| Sauter-Controls | Modunet300 Ey-Am300f002 Firmware | <= 3.3-006 |
References
- https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05Third Party Advisory, US Government Resource
- https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-0052?
How severe is CVE-2023-0052?
How do I fix CVE-2023-0052?
Are you affected by CVE-2023-0052?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST