Lucene search

IcscertCVELIST:CVE-2023-0052

HistoryJan 20, 2023 - 9:23 p.m.

CVE-2023-0052 SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function

2023-01-2021:23:08

CWE-306

icscert

www.cve.org

sauter controls

nova 200-220 series

missing authentication

critical function

firmware

bacnetstac

telnet

ftp

unauthorized access

device configuration

malicious commands

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

47.2%

JSON

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Nova 220 (EYK220F001) DDC with BACnet connection",
    "vendor": "SAUTER Controls",
    "versions": [
      {
        "lessThanOrEqual": "3.3-006",
        "status": "affected",
        "version": "Firmware all versions",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "4.2.1",
        "status": "affected",
        "version": "BACnetstac all versions",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Nova 230 (EYK230F001) DDC with BACnet connection",
    "vendor": "SAUTER Controls",
    "versions": [
      {
        "lessThanOrEqual": "3.3-006",
        "status": "affected",
        "version": "Firmware all versions",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "4.2.1",
        "status": "affected",
        "version": "BACnetstac all versions",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Nova 106 (EYK300F001) BACnet communication card",
    "vendor": "SAUTER Controls",
    "versions": [
      {
        "lessThanOrEqual": "3.3-006",
        "status": "affected",
        "version": "Firmware all versions",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "4.2.1",
        "status": "affected",
        "version": "BACnetstac all versions",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "moduNet300 (EY-AM300F001, EY-AM300F002)",
    "vendor": "SAUTER Controls",
    "versions": [
      {
        "lessThanOrEqual": "3.3-006",
        "status": "affected",
        "version": "Firmware all versions",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "4.2.1",
        "status": "affected",
        "version": "BACnetstac all versions",
        "versionType": "custom"
      }
    ]
  }
]

References

www.cisa.gov/uscert/ics/advisories/icsa-23-012-05

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

47.2%

JSON

Related for CVELIST:CVE-2023-0052