Vulnerability-Lookup

CNVD-2023-49819

Vulnerability from cnvd - Published: 2023-06-19

Title

Rockwell Automation Kinetix 5500访问控制错误漏洞

Description

Rockwell Automation Kinetix 5500是美国罗克韦尔（Rockwell Automation）公司的第一款采用外部公共交流/直流总线连接系统设计的Kinetix驱动器。它降低了硬件要求，并允许无缝扩展，对单轴或多轴系统使用单一平台。 Rockwell Automation Kinetix 5500存在访问控制错误漏洞，攻击者可利用该漏洞通过开放端口未经授权访问设备。

Severity

高

Patch Name

Rockwell Automation Kinetix 5500访问控制错误漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139441

Reference

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139441

Impacted products

Name
Rockwell Automation Kinetix 5500 v7.13

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-1834",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-1834"
    }
  },
  "description": "Rockwell Automation Kinetix 5500\u662f\u7f8e\u56fd\u7f57\u514b\u97e6\u5c14\uff08Rockwell Automation\uff09\u516c\u53f8\u7684\u7b2c\u4e00\u6b3e\u91c7\u7528\u5916\u90e8\u516c\u5171\u4ea4\u6d41/\u76f4\u6d41\u603b\u7ebf\u8fde\u63a5\u7cfb\u7edf\u8bbe\u8ba1\u7684Kinetix\u9a71\u52a8\u5668\u3002 \u5b83\u964d\u4f4e\u4e86\u786c\u4ef6\u8981\u6c42\uff0c\u5e76\u5141\u8bb8\u65e0\u7f1d\u6269\u5c55\uff0c\u5bf9\u5355\u8f74\u6216\u591a\u8f74\u7cfb\u7edf\u4f7f\u7528\u5355\u4e00\u5e73\u53f0\u3002\n\nRockwell Automation Kinetix 5500\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5f00\u653e\u7aef\u53e3\u672a\u7ecf\u6388\u6743\u8bbf\u95ee\u8bbe\u5907\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139441",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-49819",
  "openTime": "2023-06-19",
  "patchDescription": "Rockwell Automation Kinetix 5500\u662f\u7f8e\u56fd\u7f57\u514b\u97e6\u5c14\uff08Rockwell Automation\uff09\u516c\u53f8\u7684\u7b2c\u4e00\u6b3e\u91c7\u7528\u5916\u90e8\u516c\u5171\u4ea4\u6d41/\u76f4\u6d41\u603b\u7ebf\u8fde\u63a5\u7cfb\u7edf\u8bbe\u8ba1\u7684Kinetix\u9a71\u52a8\u5668\u3002 \u5b83\u964d\u4f4e\u4e86\u786c\u4ef6\u8981\u6c42\uff0c\u5e76\u5141\u8bb8\u65e0\u7f1d\u6269\u5c55\uff0c\u5bf9\u5355\u8f74\u6216\u591a\u8f74\u7cfb\u7edf\u4f7f\u7528\u5355\u4e00\u5e73\u53f0\u3002\r\n\r\nRockwell Automation Kinetix 5500\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5f00\u653e\u7aef\u53e3\u672a\u7ecf\u6388\u6743\u8bbf\u95ee\u8bbe\u5907\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Rockwell Automation Kinetix 5500\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Rockwell Automation Kinetix 5500 v7.13"
  },
  "referenceLink": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139441",
  "serverity": "\u9ad8",
  "submitTime": "2023-05-15",
  "title": "Rockwell Automation Kinetix 5500\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2023-1834 (GCVE-0-2023-1834)

Vulnerability from cvelistv5 – Published: 2023-05-11 18:01 – Updated: 2025-01-24 21:15

Title

Rockwell Automation Kinetix 5500 Vulnerable to Open Port Exploitation

Summary

Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default. This could potentially allow attackers unauthorized access to the device through the open ports.

Severity ?

9.4 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

CWE

CWE-284 - Improper Access Control

Assigner

Rockwell

References

URL

Tags

https://rockwellautomation.custhelp.com/app/answe…

Impacted products

	Vendor	Product	Version
	Rockwell Automation	Kinetix 5500 EtherNet/IP Servo Drive	Affected: 7.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:05:26.633Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139441"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-1834",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-24T21:15:50.354200Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-24T21:15:54.175Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Kinetix 5500 EtherNet/IP Servo Drive",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "7.13"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default.\u0026nbsp; This could potentially allow attackers unauthorized\u0026nbsp;access to the device through the open ports.\u003c/span\u003e"
            }
          ],
          "value": "\nRockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default.\u00a0 This could potentially allow attackers unauthorized\u00a0access to the device through the open ports."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-1",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.4,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284 Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-11T18:01:06.560Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139441"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Customers should upgrade to v7.14 to correct the issue."
            }
          ],
          "value": "Customers should upgrade to v7.14 to correct the issue."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Rockwell Automation Kinetix 5500 Vulnerable to Open Port Exploitation",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2023-1834",
    "datePublished": "2023-05-11T18:01:06.560Z",
    "dateReserved": "2023-04-04T13:44:37.415Z",
    "dateUpdated": "2025-01-24T21:15:54.175Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2023-49819

CVE-2023-1834 (GCVE-0-2023-1834)

Tags

Sightings

Nomenclature