Lucene search

BoschCVE-2023-45851

HistoryOct 25, 2023 - 6:17 p.m.

CVE-2023-45851

2023-10-2518:17:35

CWE-306

bosch

web.nvd.nist.gov

android

client application

mqtt

server authentication

nvd

cve-2023-45851

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

21.5%

JSON

The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker without enforcing any server authentication.

This issue allows an attacker to force the Android Client application to connect to a malicious MQTT broker, enabling it to send fake messages to the HMI device

Affected configurations

Nvd

Node

boschrexrothctrlx_hmi_web_panel_wr2107_firmware

AND

boschrexrothctrlx_hmi_web_panel_wr2107Match-

Node

boschrexrothctrlx_hmi_web_panel_wr2110_firmware

AND

boschrexrothctrlx_hmi_web_panel_wr2110Match-

Node

boschrexrothctrlx_hmi_web_panel_wr2115_firmware

AND

boschrexrothctrlx_hmi_web_panel_wr2115Match-

VendorProductVersionCPE
boschrexrothctrlx_hmi_web_panel_wr2107_firmware*cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2107_firmware:*:*:*:*:*:*:*:*
boschrexrothctrlx_hmi_web_panel_wr2107-cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2107:-:*:*:*:*:*:*:*
boschrexrothctrlx_hmi_web_panel_wr2110_firmware*cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2110_firmware:*:*:*:*:*:*:*:*
boschrexrothctrlx_hmi_web_panel_wr2110-cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2110:-:*:*:*:*:*:*:*
boschrexrothctrlx_hmi_web_panel_wr2115_firmware*cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2115_firmware:*:*:*:*:*:*:*:*
boschrexrothctrlx_hmi_web_panel_wr2115-cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2115:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
boschrexroth	ctrlx_hmi_web_panel_wr2107_firmware	*	cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2107_firmware::::::::
boschrexroth	ctrlx_hmi_web_panel_wr2107	-	cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2107:-:::::::*
boschrexroth	ctrlx_hmi_web_panel_wr2110_firmware	*	cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2110_firmware::::::::
boschrexroth	ctrlx_hmi_web_panel_wr2110	-	cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2110:-:::::::*
boschrexroth	ctrlx_hmi_web_panel_wr2115_firmware	*	cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2115_firmware::::::::
boschrexroth	ctrlx_hmi_web_panel_wr2115	-	cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2115:-:::::::*

CNA Affected

[
  {
    "vendor": "Bosch Rexroth AG",
    "product": "ctrlX HMI Web Panel - WR21 (WR2107)",
    "versions": [
      {
        "version": "all",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Bosch Rexroth AG",
    "product": "ctrlX HMI Web Panel - WR21 (WR2110)",
    "versions": [
      {
        "version": "all",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Bosch Rexroth AG",
    "product": "ctrlX HMI Web Panel - WR21 (WR2115)",
    "versions": [
      {
        "version": "all",
        "status": "affected"
      }
    ]
  }
]

References

psirt.bosch.com/security-advisories/BOSCH-SA-175607.html

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

21.5%

JSON

Related for CVE-2023-45851