Platform
other
Component
triangle-microworks-scada-data-gateway
Fixed in
5.1.4
CVE-2023-39459 describes a Directory Traversal vulnerability within the Triangle MicroWorks SCADA Data Gateway. This flaw allows remote attackers to create arbitrary files on affected systems, potentially leading to unauthorized access and system compromise. The vulnerability impacts versions 5.1.3–5.1.3 of the SCADA Data Gateway, and a fix is expected from the vendor. User interaction is required to trigger the vulnerability.
The Directory Traversal vulnerability in Triangle MicroWorks SCADA Data Gateway poses a significant risk to industrial control systems. An attacker could leverage this flaw to create malicious files within the system's file structure, potentially overwriting critical configuration files, installing malware, or gaining persistent access. Successful exploitation could disrupt operations, compromise data integrity, and even lead to physical damage if the SCADA system controls physical processes. The ability to create arbitrary files bypasses normal security controls, making it a particularly dangerous vulnerability. This type of attack could be similar to scenarios where attackers have exploited file upload vulnerabilities to gain control of systems.
CVE-2023-39459 was published on 2024-05-03. The vulnerability's exploitation context is currently unclear; no public proof-of-concept (POC) has been identified. The EPSS score is pending evaluation. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting this vulnerability.
Exploit Status
EPSS
0.34% (57% percentile)
CISA SSVC
CVSS Vector
While a patched version is the definitive solution, immediate mitigation steps can reduce the risk. First, restrict network access to the SCADA Data Gateway, limiting exposure to potential attackers. Implement strict file system monitoring to detect any unauthorized file creation or modification. Consider using a Web Application Firewall (WAF) to filter malicious requests targeting the vulnerable endpoint. Review and harden the system's configuration to minimize the potential impact of a successful attack. After applying mitigations, verify their effectiveness by attempting to trigger the vulnerability with a controlled test.
Update Triangle MicroWorks SCADA Data Gateway to a version later than 5.1.3 that addresses the arbitrary file creation vulnerability. Consult the vendor's website for the latest version and update instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2023-39459 is a Directory Traversal vulnerability affecting Triangle MicroWorks SCADA Data Gateway versions 5.1.3–5.1.3, allowing attackers to create arbitrary files.
If you are running Triangle MicroWorks SCADA Data Gateway version 5.1.3–5.1.3, you are potentially affected by this vulnerability.
Upgrade to a patched version of Triangle MicroWorks SCADA Data Gateway as soon as it becomes available. In the meantime, implement mitigation steps like restricting network access and monitoring file system activity.
Currently, there are no confirmed reports of active exploitation, but it's crucial to apply mitigations and monitor for any suspicious activity.
Refer to the Triangle MicroWorks website and security advisories for the latest information and official patch releases regarding CVE-2023-39459.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.