CISA Alert Highlights for January 23, 2024
How are Vulnerabilities Rated?
Here are a few vulnerabilities involving products with comprised firmware that was recently released earlier by CISA in conjunction with the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). These Google product vulnerabilities, including Google android phones, Google Nest Mini, Google Pixel Watch and Google Wifi Pro have all been rated as high-risk per the criteria listed below.
These vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
CISA FIRMWARE Vulnerabilities for January 2024
Vendor/Product: hihonor -- nth-an00_firmware
Description: Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.
Published Date: 12/29/2023
CVSS Score: 7.1
Source: CVE-2023-23433
Patch Info: Incorrect Privilege Assignment in Some Honor Products | HONOR Global (hihonor.com)
Vendor/Product: Honor -- nth-an00_firmware
Description: Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution
Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895).
Published Date: 12/29/2023
CVSS Score: 9.8
Source: CVE-2023-23424
Patch Info: Incorrect Privilege Assignment in Some Honor Products | HONOR Global (hihonor.com)
Vendor/Product: totolink -- n350rt_firmware
Description: A vulnerability was found in Totolink N350RT 9.3.5u.6139_B20201216. It has been rated as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The exploit has been disclosed to the public and may be used. The identifier VDB-249389 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published Date: 12/31/2023
CVSS Score: 8.8
Source: CVE-2023-7187
Patch Info: n/a
Vendor/Product: hitachi_energy -- rtu500_series_cmu_firmware
Description: A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a lack of flood control which eventually if exploited causes an internal stack overflow in the HCI Modbus TCP function.
Published Date: 01/04/2024
CVSS Score: 7.5
Source: CVE-2022-2081
Patch Info: Hitachi Energy Publisher
Vendor/Product: totolink -- x2000r_firmware
Description: TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute.
Published Date: 12/30/2023
CVSS Score: 9.8
Source: CVE-2023-51133
Patch Info: n/a
Vendor/Product: totolink -- x2000r_firmware
Description: TOTOLINK X6000R v9.4.0cu.852_B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cstecgi.cgi.
Published Date: 12/30/2023
CVSS Score: 9.8
Source: NVD - CVE-2023-50651
Patch Info: n/a