CVE-2023-34982 : Vulnerability Insights and Analysis
Learn about CVE-2023-34982, an external control vulnerability in AVEVA products, allowing local OS-authenticated users to delete files with System privilege, leading to denial of service. Follow mitigation steps and apply security updates for protection.
A Local OS-authenticated user with standard privileges could exploit CVE-2023-34982 in AVEVA products to delete files with System privilege, potentially leading to denial of service.
Understanding CVE-2023-34982
CVE-2023-34982 is an external control vulnerability that affects various AVEVA products, allowing unauthorized deletion of files with system privileges, posing a risk of denial of service.
What is CVE-2023-34982?
CVE-2023-34982 enables a local OS-authenticated user to delete files with System privilege within the affected AVEVA products, potentially disrupting normal operations.
The Impact of CVE-2023-34982
The impact of CVE-2023-34982 is the potential denial of service due to unauthorized file deletions that could adversely affect the functionality and availability of the affected AVEVA products.
Technical Details of CVE-2023-34982
CVE-2023-34982 has a base CVSS score of 5.5, with a medium severity level. The attack complexity is low, requiring local access, and the availability impact is high.
Vulnerability Description
The vulnerability allows a local OS-authenticated attacker to delete files with System privilege, leading to denial of service within the affected AVEVA products.
Affected Systems and Versions
Various AVEVA products, including SystemPlatform, Historian, InTouch, and others up to specific versions like 2020 R2 SP1, are impacted by CVE-2023-34982.
Exploitation Mechanism
Exploiting this vulnerability requires a local OS-authenticated user with standard privileges to manipulate the system's file structure, resulting in unauthorized file deletions.
Mitigation and Prevention
Organizations using the affected AVEVA products are advised to apply security updates promptly, evaluate vulnerabilities based on their environment, and follow general precautions.
Immediate Steps to Take
Disable Guest or Anonymous local OS accounts, restrict access to trusted users on affected nodes, and apply recommended security updates to mitigate the risk posed by CVE-2023-34982.
Long-Term Security Practices
Continuously monitor and update security protocols, ensure system access controls are in place, and stay informed about security bulletins and patches released by AVEVA.
Patching and Updates
Refer to AVEVA Security Bulletin AVEVA-2023-003 for detailed mitigation steps, individual security updates, and additional information on addressing CVE-2023-34982 within the impacted AVEVA products.