Detections
Analytics

Teltonika Remote Management System and RUT Model Routers Improper Neutralization of Special Elements Used in an OS Command (CVE-2023-32350)

high Tenable OT Security Plugin ID 502646

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Versions 00.07.00 through 00.07.03 of Teltonika's RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing a package with a malicious name that contains an OS command injection payload.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Teltonika recommends users update their devices to the latest versions.

- RMS services have already been updated to versions, which fix these vulnerabilities.
- Users can download the latest version of their respective RUT routers by navigating to the appropriate device on Teltonika’s website.

See Also

https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-08

Plugin Details

Severity: High

ID: 502646

Version: 1.3

Type: remote

Family: Tenable.ot

Published: 10/17/2024

Updated: 10/18/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2023-32350

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:teltonika-networks:rut100_firmware, cpe:/o:teltonika-networks:rutm50_firmware, cpe:/o:teltonika-networks:rutx50_firmware, cpe:/o:teltonika-networks:otd140_firmware, cpe:/o:teltonika-networks:rut300_firmware, cpe:/o:teltonika-networks:rutm_firmware, cpe:/o:teltonika-networks:rutx_firmware, cpe:/o:teltonika-networks:rutc50_firmware, cpe:/o:teltonika-networks:rut200_firmware, cpe:/o:teltonika-networks:tcr100_firmware, cpe:/o:teltonika-networks:rut900_firmware

Required KB Items: Tenable.ot/Teltonika

Exploit Ease: No known exploits are available

Patch Publication Date: 5/22/2023

Vulnerability Publication Date: 5/22/2023

Reference Information

CVE: CVE-2023-32350

CWE: 78

ICSA: 23-131-08