Bosch Security Systems B426 Conettix Improper Access Control (CVE-2021-23845)

high Tenable OT Security Plugin ID 501996

Synopsis

The remote OT asset is affected by a vulnerability.

Description

This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed already starting from version 3.08 on, which was released on June 2019.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The recommended approach is to update the software of affected Bosch products to a fixed version. If an update is not possible in a timely manner, the mitigation approaches Firewalling and IP Filtering can be utilized. A list of affected and fixed firmware versions is available in the 'Affected Products' section of the vendor advisory.

It is advised that the devices should not be exposed directly to the internet or other insecure networks. This includes port-forwarding, which would not protect devices adequately. Firewalling a device significantly reduces its attack surface.

See Also

https://psirt.bosch.com/security-advisories/bosch-sa-196933-bt.html

Plugin Details

Severity: High

ID: 501996

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 2/14/2024

Updated: 2/15/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-23845

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:bosch:b426_firmware

Required KB Items: Tenable.ot/BoschSecuritySystems

Exploit Ease: No known exploits are available

Patch Publication Date: 6/18/2021

Vulnerability Publication Date: 6/18/2021

Reference Information

CVE: CVE-2021-23845