Lucene search

BoschVULNRICHMENT:CVE-2023-45851

HistoryOct 25, 2023 - 2:18 p.m.

CVE-2023-45851

2023-10-2514:18:08

bosch

github.com

android

mqtt

server authentication

hmi device

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker without enforcing any server authentication.

This issue allows an attacker to force the Android Client application to connect to a malicious MQTT broker, enabling it to send fake messages to the HMI device

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2107:-:*:*:*:*:*:*:*"
    ],
    "vendor": "boschrexroth",
    "product": "ctrlx_hmi_web_panel_wr2107",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "RC7(Build date 20231107)",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

psirt.bosch.com/security-advisories/BOSCH-SA-175607.html

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Related for VULNRICHMENT:CVE-2023-45851