CVE-2023-0321
Disclosure of Sensitive Information on Campbell Scientific Products
Vexday Risk Score
28 Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.1 | EPSS 0.9% | KEV no | PoC — | Nuclei — | Metasploit — | Patch —
Lifecycle
25 Jan 2023: Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Campbell Scientific dataloggers CR6, CR300, CR800, CR1000 and CR3000 may allow an attacker to download configuration files, which may contain sensitive information about the internal network. With factory defaults, these dataloggers have HTTP and PakBus enabled, and in that default configuration the devices allow this access via the PakBus port. Exploitation of this vulnerability may allow an attacker to download, modify, and upload new configuration files.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected products
Campbell Scientific · CR1000
Campbell Scientific · CR300
Campbell Scientific · CR3000
Campbell Scientific · CR6
Campbell Scientific · CR800