CVE-2024-8232
Published 2024-09-10
CVE-2024-8232: SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication.
Priority: P2 · 62 · high · 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS: 13.08% (95.9th percentile)
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ininet_solutions_gmbh | spidercontrol_scada_web_server | <= v2.09 | — |
Detection & IOCs (extracted from sources)
- Detect unauthenticated file upload attempts targeting SpiderControl SCADA Web Server (versions v2.09 and prior); monitor for HTTP POST requests uploading files without any authentication headers/session tokens to the web server endpoint.
- Alert on any file upload activity to SpiderControl SCADA Web Server that could result in arbitrary code execution, particularly uploads of executable or script file types to the HMI web interface.
- Flag SpiderControl SCADA Web Server instances directly exposed to the internet (no firewall/VPN), as the attack vector is network-based with low complexity and no privileges required (CVSS:3.1/AV:N/AC:L/PR:N/UI:N).
- Affected versions are SpiderControl SCADA Web Server v2.09 and prior; patched version is 3.2.2. Ensure the asset inventory reflects the version to prioritize exposure.
- The web server is intended for use only in protected/isolated environments; direct internet exposure is explicitly unsupported and significantly increases risk.
- No known public exploitation has been reported at time of advisory publication; however, the vulnerability is remotely exploitable with low attack complexity and no authentication required.
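As an added illustration of the first three detection points above (this is example code written for this page, not code from the advisory, the vendor, or this site), the following Python script runs those rules over a constructed JSON-lines request log of the kind a reverse proxy or WAF in front of the HMI might emit. The field names, the `/upload` path, the dangerous-extension list and the trusted plant networks are assumptions; the sample addresses are documentation ranges and the sample requests are made up.

```python
"""Detection rules for unauthenticated file uploads to an HMI web server
(the CVE-2024-8232 pattern: unrestricted upload, no authentication).
Added example, not advisory or vendor code. Assumes a constructed
JSON-lines request log from a proxy/WAF in front of the SCADA web server;
the field names below ("auth" = an Authorization header was present,
"cookie" = session cookie value, "filename" = uploaded file name) are an
assumption about that log format."""
import ipaddress
import json
from pathlib import PurePosixPath

# Executable or script types whose upload to an HMI warrants an alert.
# The list is an assumption; extend it per site.
DANGEROUS_EXT = {".exe", ".dll", ".php", ".asp", ".aspx", ".jsp",
                 ".sh", ".ps1", ".bat", ".cmd", ".cgi", ".py"}

# Networks the HMI is supposed to be reachable from (isolated plant LAN).
# Anything else reaching the server means it is exposed beyond that zone.
# Assumed ranges for the example.
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/16"),
                ipaddress.ip_network("192.168.100.0/24")]

# Constructed sample log, one JSON object per request. Hosts use
# documentation address ranges; paths and file names are invented.
SAMPLE_LOG = """\
{"ts":"2024-09-11T08:01:02Z","src":"10.20.30.5","method":"GET","path":"/index.html","ctype":"","auth":true,"cookie":"sid=abc","filename":""}
{"ts":"2024-09-11T08:01:09Z","src":"10.20.30.5","method":"POST","path":"/upload","ctype":"multipart/form-data; boundary=x","auth":true,"cookie":"sid=abc","filename":"plant.png"}
{"ts":"2024-09-11T08:02:40Z","src":"203.0.113.77","method":"POST","path":"/upload","ctype":"multipart/form-data; boundary=y","auth":false,"cookie":"","filename":"cmd.php"}
{"ts":"2024-09-11T08:03:15Z","src":"10.20.30.9","method":"POST","path":"/upload","ctype":"multipart/form-data; boundary=z","auth":false,"cookie":"","filename":"report.csv"}
{"ts":"2024-09-11T08:04:00Z","src":"198.51.100.4","method":"POST","path":"/login","ctype":"application/x-www-form-urlencoded","auth":false,"cookie":"","filename":""}
"""


def parse_log(text):
    """Parse JSON-lines text into a list of request dicts, skipping blanks."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def is_upload(req):
    """A file upload: POST/PUT carrying multipart form data or a file name."""
    return req["method"] in ("POST", "PUT") and (
        req["ctype"].lower().startswith("multipart/form-data")
        or bool(req["filename"]))


def is_unauthenticated(req):
    """Neither an Authorization header nor a session cookie was sent."""
    return not req["auth"] and not req["cookie"]


def is_outside_trusted(ip):
    """Source address lies outside the plant networks the HMI should serve."""
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in TRUSTED_NETS)


def classify(req):
    """Return an alert label for one request, or None if it is benign."""
    if not is_upload(req):
        return None
    ext = PurePosixPath(req["filename"]).suffix.lower()
    unauth = is_unauthenticated(req)
    if unauth and ext in DANGEROUS_EXT:
        return "critical: unauthenticated upload of executable/script file"
    if unauth:
        return "high: unauthenticated file upload"
    if ext in DANGEROUS_EXT:
        return "medium: authenticated upload of executable/script file"
    return None


def scan(text):
    """Apply the rules to a log; return (alerts, sources outside trusted nets)."""
    alerts = []
    exposed_from = set()
    for req in parse_log(text):
        if is_outside_trusted(req["src"]):
            exposed_from.add(req["src"])
        verdict = classify(req)
        if verdict:
            alerts.append((req["ts"], req["src"], req["filename"], verdict))
    return alerts, sorted(exposed_from)


if __name__ == "__main__":
    found, exposed = scan(SAMPLE_LOG)
    for entry in found:
        print(*entry)
    if exposed:
        print("HMI reached from outside trusted networks:", ", ".join(exposed))
```

On the sample log the script raises a critical alert for the unauthenticated `cmd.php` upload, a high alert for the unauthenticated `report.csv` upload (no dangerous extension, but still no credentials), nothing for the authenticated image upload or the plain login POST, and reports two source addresses outside the trusted plant ranges, which is the exposure signal the third point asks for. The trusted-network allowlist is used instead of a generic "is this a public IP" test because an OT zone normally has a known, short list of legitimate client ranges.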
CVSS provenance
- NVD, CVSS v3.1: 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- NVD, CVSS v4.0: 8.7 HIGH, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
GHSA
GHSA-rqjx-229x-7jmc (ghsa_unreviewed, 2024-09-10): CVE-2024-8232 [HIGH] CWE-434
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication.
CISA ICS
iniNet Solutions SpiderControl SCADA Web Server (cisa_ics, 2024-09-10, CVSS 8.7) [HIGH]
ICS Advisory: iniNet Solutions SpiderControl SCADA Web Server
Release Date: September 10, 2024
Alert Code: ICSA-24-254-02
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.7
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: iniNet Solutions GmbH
- Equipment: SpiderControl SCADA Web Server
- Vulnerabilities: Unrestricted Upload of File with Dangerous Type
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to log in or execute arbitrary code.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of SpiderControl, an HMI program, are affected:
- SpiderControl SCADA Web Server: Versions v2.09 and prior
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.