Rockwell Automation Stratix 5800 & 5200 Cisco IOS XE Web UI Privilege Escalation (CVE-2023-20198)

critical Tenable OT Security Plugin ID 501759

Synopsis

The remote OT asset is affected by a vulnerability.

Description

This vulnerability in the Web UI feature of Cisco IOS XE Software allows a remote, unauthenticated threat actor to create an account on a vulnerable system with privilege level 15 access. The threat actor could then potentially use that account to gain control of the affected system.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Rockwell strongly encourages customers to follow guidance disabling Stratix HTTP servers on all internet-facing systems. See Rockwell Automation's security advisory for more information.

See Also

http://www.nessus.org/u?1506d35e

http://www.nessus.org/u?059a6d2a

Plugin Details

Severity: Critical

ID: 501759

Version: 1.7

Type: remote

Family: Tenable.ot

Published: 10/24/2023

Updated: 4/16/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-20198

CVSS v3

Risk Factor: Critical

Base Score: 10

Temporal Score: 9.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/h:rockwellautomation:allen-bradley_stratix_5200, cpe:/h:rockwellautomation:allen-bradley_stratix_5800

Required KB Items: Tenable.ot/Rockwell

Exploit Available: true

Exploit Ease: Exploits are available

CISA Known Exploited Vulnerability Due Dates: 10/20/2023

Exploitable With

Core Impact

Metasploit (Cisco IOX XE Unauthenticated RCE Chain)

Reference Information

CVE: CVE-2023-20198