Details of VAR-202306-0132

ID

VAR-202306-0132

CVE

CVE-2023-32540

TITLE

Advantech WebAccess/SCADA Arbitrary File Overwrite Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2024-15542

DESCRIPTION

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could lead to arbitrary code execution. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from China Advantech Company. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment

Trust: 1.53

sources: NVD: CVE-2023-32540 // CNVD: CNVD-2024-15542 // VULMON: CVE-2023-32540

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-15542

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess\/scada	scope:	lte	version:	9.1.3	Trust: 1.0
vendor:	advantech	model:	webaccess/scada	scope:	lte	version:	<=9.1.3	Trust: 0.6

sources: CNVD: CNVD-2024-15542 // NVD: CVE-2023-32540

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-32540
value:	CRITICAL
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2023-32540
value:	HIGH
Trust: 1.0
CNVD:	CNVD-2024-15542
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202306-088
value:	CRITICAL
Trust: 0.6

CNVD:	CNVD-2024-15542
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2023-32540
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2023-32540
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2024-15542 // CNNVD: CNNVD-202306-088 // NVD: CVE-2023-32540 // NVD: CVE-2023-32540

PROBLEMTYPE DATA

problemtype:

CWE-94

Trust: 1.0

sources: NVD: CVE-2023-32540

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202306-088

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-202306-088

PATCH

title:	Patch for Advantech WebAccess/SCADA Arbitrary File Overwrite Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/537531	Trust: 0.6
title:	Advantech WebAccess/SCADA Fixes for code injection vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=241310	Trust: 0.6

sources: CNVD: CNVD-2024-15542 // CNNVD: CNNVD-202306-088

EXTERNAL IDS

db:	NVD	id:	CVE-2023-32540	Trust: 2.3
db:	ICS CERT	id:	ICSA-23-152-01	Trust: 1.7
db:	AUSCERT	id:	ESB-2023.3138	Trust: 1.2
db:	CNVD	id:	CNVD-2024-15542	Trust: 0.6
db:	CNNVD	id:	CNNVD-202306-088	Trust: 0.6
db:	VULMON	id:	CVE-2023-32540	Trust: 0.1

sources: CNVD: CNVD-2024-15542 // VULMON: CVE-2023-32540 // CNNVD: CNNVD-202306-088 // NVD: CVE-2023-32540

REFERENCES

url:	https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01	Trust: 1.7
url:	https://www.auscert.org.au/bulletins/esb-2023.3138	Trust: 1.2
url:	https://nvd.nist.gov/vuln/detail/cve-2023-32540	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2023-32540/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/94.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2024-15542 // VULMON: CVE-2023-32540 // CNNVD: CNNVD-202306-088 // NVD: CVE-2023-32540

SOURCES

db:	CNVD	id:	CNVD-2024-15542
db:	VULMON	id:	CVE-2023-32540
db:	CNNVD	id:	CNNVD-202306-088
db:	NVD	id:	CVE-2023-32540

LAST UPDATE DATE

2024-08-14T14:43:12.403000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2024-15542	date:	2024-03-29T00:00:00
db:	VULMON	id:	CVE-2023-32540	date:	2023-06-06T00:00:00
db:	CNNVD	id:	CNNVD-202306-088	date:	2023-06-13T00:00:00
db:	NVD	id:	CVE-2023-32540	date:	2023-06-12T16:55:37.857

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2024-15542	date:	2024-03-29T00:00:00
db:	VULMON	id:	CVE-2023-32540	date:	2023-06-06T00:00:00
db:	CNNVD	id:	CNNVD-202306-088	date:	2023-06-02T00:00:00
db:	NVD	id:	CVE-2023-32540	date:	2023-06-06T00:15:10.067