CRITICAL🇵🇱 Wersja polska

CVE-2023-46687

CVSS 9.8v3.1pub. 2024-02-09upd. 2024-11-21

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer.

🤖 AI Analysis
How it works

An unauthenticated user with network access to the device can send a crafted request, which results in execution of arbitrary system commands (command injection) with root privileges. The vulnerability classified as CWE-77 indicates improper neutralization of special characters before passing data to the command interpreter. The attack requires no credentials or user interaction.

Impact

The attacker gains full control of the device with root privileges, enabling reading and modification of measurement data, disruption of the technological process, and use of the device as an entry point to the industrial network (lateral movement).

Mitigation & patch

Patches available from the manufacturer should be applied in accordance with the references (Emerson security notice ICSA-24-030-01). Additionally, it is recommended to isolate devices from untrusted networks, restrict network access to these devices exclusively to authorized hosts, and implement firewalls and OT network segmentation in accordance with CISA recommendations.

Who is affected

Emerson Rosemount GC370XA, GC700XA, and GC1500XA — firmware versions indicated in the manufacturer's references (ICSA-24-030-01)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Emerson Gc1500xa

    HW
    Emerson
    wszystkie wersje
  • Emerson Gc1500xa Firmware

    OS
    Emerson
    4.1.5
  • Emerson Gc370xa

    HW
    Emerson
    wszystkie wersje
  • Emerson Gc370xa Firmware

    OS
    Emerson
    4.1.5
  • Emerson Gc700xa

    HW
    Emerson
    wszystkie wersje
  • Emerson Gc700xa Firmware

    OS
    Emerson
    4.1.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-51761HIGH8.3ten sam produkt

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access coul...

CVE-2023-43609MEDIUM6.9ten sam produkt

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access coul...

CVE-2023-49716MEDIUM6.9ten sam produkt

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could...

CVE-2023-1935CRITICAL9.4ten sam vendor

ROC800-Series RTU devices are vulnerable to an authentication bypass, which could allow an attacker to gain un...

CVE-2022-30264CRITICAL9.8ten sam vendor

The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. They ...