CVE-2023-0052

SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function

CVSS 9.8 CRITICALEPSS 0.7%CWE-306

Vexday Risk Score

28Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 9.8EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

20 Jan 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

SAUTER Controls · moduNet300 (EY-AM300F001, EY-AM300F002)SAUTER Controls · Nova 106 (EYK300F001) BACnet communication card SAUTER Controls · Nova 220 (EYK220F001) DDC with BACnet connection SAUTER Controls · Nova 230 (EYK230F001) DDC with BACnet connection

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05