SB2023111543 - Multiple vulnerabilities in AVEVA Operations Control Logger

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Execution with unnecessary privileges (CVE-ID: CVE-2023-33873)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to application binary has a setuid bit. A local low-privileged user can run the affected binary and execute arbitrary code on the system with root privileges.

2) External Control of File Name or Path (CVE-ID: CVE-2023-34982)

The vulnerability allows a local user to delete arbitrary files.

The vulnerability exists due to application allows an attacker to control path of the files to delete. A local user can send a specially crafted HTTP request and delete arbitrary files on the system, leading to denial of service (DoS) condition.

Remediation

Install update from vendor's website.

References

• https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01
• https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AV...