Platform
other
Component
scada-data-gateway
Fixed in
5.1.4
CVE-2023-39460 identifies a Directory Traversal vulnerability within the Triangle MicroWorks SCADA Data Gateway. This flaw allows remote attackers to create arbitrary files on affected systems, potentially leading to system compromise and data exfiltration. The vulnerability impacts versions 5.1.3.20324 through 5.1.3.20324. A patch is expected from the vendor.
The Directory Traversal vulnerability in SCADA Data Gateway allows an attacker to bypass authentication and create files anywhere on the system the gateway process has write access. This could involve overwriting critical configuration files, injecting malicious code, or creating backdoor accounts. Successful exploitation could lead to complete system takeover, disruption of industrial control processes, and potential safety hazards. The ability to bypass authentication significantly increases the risk, as it removes a primary security barrier. The potential for lateral movement within the network depends on the gateway's network configuration and access privileges.
CVE-2023-39460 was publicly disclosed on May 3, 2024. The vulnerability's severity is rated as HIGH (CVSS 7.2). There is no indication of this being on the CISA KEV catalog at this time. Public proof-of-concept exploits are not currently known, but the relatively straightforward nature of directory traversal vulnerabilities suggests that one may emerge. Active campaigns are not currently confirmed.
Exploit Status
EPSS
1.06% (78% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2023-39460 is to upgrade to a patched version of the SCADA Data Gateway as soon as it becomes available from Triangle MicroWorks. Until a patch is available, implement temporary mitigations such as deploying a Web Application Firewall (WAF) with rules to block directory traversal attempts. Restrict access to the SCADA Data Gateway to only authorized personnel and systems. Implement strict access controls to limit the gateway's write access to only necessary directories. Regularly review and audit the gateway's configuration and logs for suspicious activity. After upgrade, confirm by verifying that file creation attempts from unauthorized sources are blocked.
Actualizar Triangle MicroWorks SCADA Data Gateway a una versión posterior a 5.1.3.20324 que solucione la vulnerabilidad de path traversal. Consultar el sitio web del proveedor para obtener la última versión y las instrucciones de actualización.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2023-39460 is a Directory Traversal vulnerability affecting Triangle MicroWorks SCADA Data Gateway versions 5.1.3.20324–5.1.3.20324, allowing attackers to create arbitrary files.
If you are running Triangle MicroWorks SCADA Data Gateway version 5.1.3.20324–5.1.3.20324, you are potentially affected by this vulnerability.
Upgrade to a patched version of the SCADA Data Gateway as soon as it becomes available. Until then, implement WAF rules and restrict access.
Active exploitation is not currently confirmed, but the vulnerability's nature suggests potential for exploitation.
Refer to the Triangle MicroWorks website or security advisories for updates and official guidance regarding CVE-2023-39460.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.