CVE-2023-2611
published 2023-06-22CVE-2023-2611: Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that…
PriorityP354critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.67%
47.2th percentile
Advantech R-SeeNet
versions 2.4.22
is installed with a hidden root-level user that is not available in the
users list. This hidden user has a password that cannot be changed by
users.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| advantech | r-seenet | <= 2.4.22 | — |
| mozilla | firefox | >= 0 < 124.0+build1-0ubuntu0.20.04.1 | 124.0+build1-0ubuntu0.20.04.1 |
| mozilla | thunderbird | >= 0 < 1:115.9.0+build1-0ubuntu0.20.04.1 | 1:115.9.0+build1-0ubuntu0.20.04.1 |
| mozilla | thunderbird | >= 0 < 1:115.9.0+build1-0ubuntu0.22.04.1 | 1:115.9.0+build1-0ubuntu0.22.04.1 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Advantech R-SeeNet
cisa_ics·2023-06-22·CVSS 9.8
[CRITICAL] Advantech R-SeeNet
ICS Advisory
##
Advantech R-SeeNet
Release DateJune 22, 2023
Alert CodeICSA-23-173-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Advantech
- Equipment: R-SeeNet
- Vulnerability: Hard Coded Password, External Control of File Name or Path
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to authenticate as a valid user or access files on the system.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Advantech reports these vulnerabilities affects the following R-SeeNet monitoring application:
- R-SeeNet: versions 2.4.22 and prior
## 3.2 VULNERABILITY OVERVIEW
3.2.1 USE OF HARD-CODED CREDENTIALS CWE-798
Advantech R-SeeNet is installed with
OSV
thunderbird vulnerabilities
osv·2024-03-26·CVSS 6.5
CVE-2024-0743 thunderbird vulnerabilities
thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2024-0743, CVE-2024-2611,
CVE-2024-2614)
Hubert Kario discovered that Thunderbird had a timing side-channel when
performing RSA decryption. A remote attacker could possibly use this
issue to recover sensitive information. (CVE-2023-5388)
Gary Kwong discovered that Thunderbird incorrectly updated return
registers for JIT code on Armv7-A systems. An attacker could potentially
exploit this issue to execute arbitrary code. (CVE-2024-2607)
OSV
firefox vulnerabilities
osv·2024-03-20·CVSS 6.5
CVE-2024-2609 firefox vulnerabilities
firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-2609,
CVE-2024-2611, CVE-2024-2614, CVE-2024-2615)
Hubert Kario discovered that Firefox had a timing side-channel when
performing RSA decryption. A remote attacker could possibly use this
issue to recover sensitive information. (CVE-2023-5388)
It was discovered that Firefox did not properly handle WASM register
values in some circumstances. An attacker could potentially exploit this
issue to cause a denial of service. (CVE-2024-2606)
Gary Kwong discovered that Firefox incorrectly updated retur
GHSA
GHSA-86p5-h8pq-p6hx: Advantech R-SeeNet
versions 2
ghsa_unreviewed·2023-06-22
CVE-2023-2611 [CRITICAL] CWE-798 GHSA-86p5-h8pq-p6hx: Advantech R-SeeNet
versions 2
Advantech R-SeeNet
versions 2.4.22
is installed with a hidden root-level user that is not available in the
users list. This hidden user has a password that cannot be changed by
users.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-06-22
Published