CVE-2023-46687
published 2024-02-09CVE-2023-46687: In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from…
PriorityP270critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.94%
56.3th percentile
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| emerson | gc1500xa_firmware | — | — |
| emerson | gc370xa_firmware | — | — |
| emerson | gc700xa_firmware | — | — |
| emerson | rosemount_gc1500xa | <= Version 4.1.5 | — |
| emerson | rosemount_gc370xa | <= Version 4.1.5 | — |
| emerson | rosemount_gc700xa | <= Version 4.1.5 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Unauthenticated remote command injection in root context targeting Emerson Rosemount GC370XA, GC700XA, and GC1500XA gas chromatographs via network access — no authentication required, no user interaction needed (AV:N/AC:L/PR:N/UI:N) ↗
- →Affected firmware versions: GC370XA, GC700XA, GC1500XA version 4.1.5 and all prior revisions — fingerprint device version to identify vulnerable targets ↗
- →CVE-2023-46687 CVSS v3.1 vector indicates network-reachable, low-complexity, no-privilege attack surface — monitor for unexpected outbound/inbound connections and command execution from Rosemount GC devices ↗
- ·No known public exploitation or proof-of-concept has been reported as of the advisory publication date; exploitation complexity noted as high in advisory context despite low CVSS AC score ↗
- ·Vulnerability is network-adjacent for related CVEs (CVE-2023-49716, CVE-2023-51761, CVE-2023-43609) but CVE-2023-46687 is fully network-accessible (AV:N) — ensure detection rules distinguish between network-adjacent and internet-facing exposure scenarios ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wh3x-5m3c-43h7: In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root con
ghsa_unreviewed·2024-02-09
CVE-2023-46687 [CRITICAL] CWE-77 GHSA-wh3x-5m3c-43h7: In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root con
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer.
CISA ICS
Emerson Rosemount GC370XA, GC700XA, GC1500XA
cisa_ics·2024-01-30·CVSS 9.8
[CRITICAL] Emerson Rosemount GC370XA, GC700XA, GC1500XA
ICS Advisory
##
Emerson Rosemount GC370XA, GC700XA, GC1500XA
Release DateJanuary 30, 2024
Alert CodeICSA-24-030-01
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely
- Vendor: Emerson
- Equipment: Rosemount GC370XA, GC700XA, GC1500XA
- Vulnerabilities: Command Injection, Improper Authentication, Incorrect Authorization
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an unauthenticated attacker with network access to run arbitrary commands, access sensitive information, cause a denial-of-service condition, and bypass authentication to acquire admin capabilities.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED P
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdfhttps://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf
2024-02-09
Published