Detections
Analytics

Rockwell Automation PowerMonitor 1000 Improper Neutralization of Input During Web Page Generation (CVE-2023-2072)

high Tenable OT Security Plugin ID 501604

Synopsis

The remote OT asset is affected by a vulnerability.

Description

The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product. The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on an authenticated user resulting in remote code execution and potentially the complete loss of confidentiality, integrity, and availability of the product.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Rockwell Automation has released the following mitigations and workarounds. Customers using the affected software are encouraged to apply the risk mitigation below, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the potential risk of the vulnerability.

- Upgrade to V4.019 which has been patched to mitigate these issues.
- Rockwell Automation encourages users to implement their suggested security best practices to minimize risk of the vulnerability.

For more information, see Rockwell Automation’s Security Advisory.

See Also

http://www.nessus.org/u?c96c0ea0

https://www.cisa.gov/news-events/ics-advisories/icsa-23-194-05

http://www.nessus.org/u?af1d183c

Plugin Details

Severity: High

ID: 501604

Version: 1.8

Type: remote

Family: Tenable.ot

Published: 8/21/2023

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-2072

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:rockwellautomation:powermonitor_1000_firmware:-

Required KB Items: Tenable.ot/Rockwell

Exploit Ease: No known exploits are available

Patch Publication Date: 7/11/2023

Vulnerability Publication Date: 7/11/2023

Reference Information

CVE: CVE-2023-2072

CWE: 79

ICSA: 23-194-05