CVE-2023-33873 : Security Advisory and Response
Learn about CVE-2023-33873, a privilege escalation vulnerability in AVEVA products that allows attackers to escalate to System privilege, leading to complete compromise. Discover impact, affected systems, mitigation steps, and security updates.
A privilege escalation vulnerability in AVEVA products allows a local user to escalate to System privilege, leading to a complete compromise of the target machine.
Understanding CVE-2023-33873
This vulnerability in AVEVA products poses a significant risk due to privilege escalation, potentially resulting in a complete compromise of the affected system.
What is CVE-2023-33873?
CVE-2023-33873 is a privilege escalation vulnerability that, if exploited, allows a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where AVEVA products are installed.
The Impact of CVE-2023-33873
The impact of this vulnerability is critical as it provides the attacker with the ability to gain elevated privileges on the target system, ultimately leading to a complete compromise of the machine.
Technical Details of CVE-2023-33873
The vulnerability is rated with a CVSSv3.1 base score of 7.8, indicating high severity due to its low attack complexity, local attack vector, and high impact on confidentiality, integrity, and availability.
Vulnerability Description
The vulnerability allows a local user to escalate privileges to System level on the affected machine, potentially resulting in a complete compromise.
Affected Systems and Versions
AVEVA products including SystemPlatform, Historian, InTouch, and others up to certain versions are impacted by this privilege escalation vulnerability.
Exploitation Mechanism
An attacker with local OS access can exploit this vulnerability to elevate privileges on the target system, posing a serious security risk.
Mitigation and Prevention
Organizations using AVEVA products are advised to apply security updates promptly and follow best practices to mitigate the risk of exploitation.
Immediate Steps to Take
- Evaluate the impact based on operational environment
- Apply security updates promptly
- Disable Guest or Anonymous local OS accounts
- Restrict login access to trusted users on affected nodes
Long-Term Security Practices
Implement stronger access controls, regular security assessments, and employee training to enhance overall security posture.
Patching and Updates
Refer to AVEVA Security Bulletin for detailed information, individual security updates, and mitigations for each affected product.
For more detailed information, visit the official AVEVA support page.