1. EXECUTIVE SUMMARY
- CVSS v4 9.2
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: ABB
- Equipment: Arctic Wireless Gateways
- Vulnerabilities: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’), Improper Privilege Management, Exposure of Sensitive Information to an Unauthorized Actor, Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’), Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’)
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could run arbitrary code in the product with privileged user permissions or could lead to a denial of service or tampering with unencrypted traffic.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
ABB reports there are vulnerabilities in the Telit PL62-W wireless modem module used in the following products:
- Arctic ARP600, ARC600, ARR600: Firmware versions 3.4.10, 3.4.11, 3.4.12, 3.4.13 (CVE-2024-6387)
- Arctic Wireless Gateways ARG600, ARC600, ARR600: All versions with Telit PLS62-W wireless modem module (CVE-2023-47610, CVE-2023-47611, CVE-2023-47612, CVE-2023-47613, CVE-2023-47614, CVE-2023-47615, CVE-2023-47616)
3.2 VULNERABILITY OVERVIEW
3.2.1 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT (‘CLASSIC BUFFER OVERFLOW’) CWE-120
A buffer overflow vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted short message service (SMS) message.
CVE-2023-47610 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:H/PR:N/UI
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: