VDE-2023-029

Vulnerability from csaf_helmholzgmbhcokg - Published: 2023-08-17 12:00 - Updated: 2023-08-17 12:00
Summary
Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250
Notes
Summary: A stored XXS vulnerability has been found in REX 200 and REX 250 in all versions before 7.3.2.
Impact: A remote, authenticated attacker can fully compromise the browser session of all users accessing the devices web interface.
Remediation: Update to 7.3.2
CVE-2023-34412

A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).

4.8 (Medium)
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Vendor Fix Update to 7.3.2
References
Acknowledgments
CERT@VDE certvde.com
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "A stored XXS vulnerability has been found in\u00a0REX 200 and\u00a0REX 250 in all versions before 7.3.2.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "A remote, authenticated attacker can fully compromise the browser session of all users accessing the devices web interface.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Update to 7.3.2",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@helmholz.de",
      "name": "Helmholz GmbH \u0026 Co. KG",
      "namespace": "https://www.helmholz.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2023-029: Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2023-029/"
      },
      {
        "category": "self",
        "summary": "VDE-2023-029: Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 - CSAF",
        "url": "https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-029.json"
      },
      {
        "category": "external",
        "summary": "Vendor PSIRT",
        "url": "https://www.helmholz.de"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Helmholz GmbH \u0026 Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/helmholz/"
      }
    ],
    "title": "Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250",
    "tracking": {
      "aliases": [
        "VDE-2023-029"
      ],
      "current_release_date": "2023-08-17T12:00:00.000Z",
      "generator": {
        "date": "2025-04-30T09:32:53.335Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.24"
        }
      },
      "id": "VDE-2023-029",
      "initial_release_date": "2023-08-17T12:00:00.000Z",
      "revision_history": [
        {
          "date": "2023-08-17T12:00:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "REX 200",
                "product": {
                  "name": "REX 200",
                  "product_id": "CSAFPID-11001"
                }
              },
              {
                "category": "product_name",
                "name": "REX 250",
                "product": {
                  "name": "REX 250",
                  "product_id": "CSAFPID-11002"
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.3.2",
                "product": {
                  "name": "Firmware \u003c7.3.2",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version",
                "name": "7.3.2",
                "product": {
                  "name": "Firmware 7.3.2",
                  "product_id": "CSAFPID-22001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Helmholz"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "summary": "Fixed products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c7.3.2 installed on REX 200",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c7.3.2 installed on REX 250",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 7.3.2 installed on REX 200",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 7.3.2 installed on REX 250",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11002"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-34412",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an\nauthenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to 7.3.2",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 4.8,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "temporalScore": 4.8,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002"
          ]
        }
      ],
      "title": "CVE-2023-34412"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.