CVE-2023-5399
published 2023-10-04


Priority: P274 · Severity: critical · CVSS 3.1 base score: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 38.52% (98.4th percentile)
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command.

Affected (2 ranges)

Vendor               Product                    Version range   Fixed in
schneider-electric   spacelogic_c-bus_toolkit   < 1.16.4        1.16.4
schneider_electric   c-bus_toolkit              (not stated)    (not stated)

Detection & IOCs (extracted from sources)

Port: 20023
  • Monitor for path traversal sequences in File Command traffic directed at SpaceLogic C-Bus Toolkit on TCP port 20023, which is the service port used by the vulnerable application.
  • Alert on use of the 'File Command' over the network to the C-Bus Toolkit service, as this is the specific command vector for the CVE-2023-5399 path traversal vulnerability.
  • Flag inbound network connections to TCP/20023 from external or untrusted network segments, as the vulnerability is exploitable remotely with low attack complexity and no authentication required (PR:N/UI:N).
  • The path traversal vulnerability (CVE-2023-5399) affects SpaceLogic C-Bus Toolkit versions 1.16.3 and prior only; version 1.16.4 contains the fix. Detections should be scoped to unpatched deployments.
  • No known public exploitation has been reported at time of advisory publication; detections are precautionary.