Search criteria
53 vulnerabilities found for SCADA Data Gateway by Triangle MicroWorks
VAR-202308-2008
Vulnerability from variot - Updated: 2025-10-17 23:18Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the TmwCrypto class. The issue results from the usage of a hard-coded cryptograhic key and the usage of a hard-coded certificate. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20615
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-2008",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1033"
},
{
"db": "CNVD",
"id": "CNVD-2025-21059"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029207"
},
{
"db": "NVD",
"id": "CVE-2023-39465"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Uri Katz of Claroty Team82",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1033"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39465",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-21059",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-39465",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-029207",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-39465",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39465",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029207",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-39465",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-21059",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1033"
},
{
"db": "CNVD",
"id": "CNVD-2025-21059"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029207"
},
{
"db": "NVD",
"id": "CVE-2023-39465"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the TmwCrypto class. The issue results from the usage of a hard-coded cryptograhic key and the usage of a hard-coded certificate. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20615",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39465"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029207"
},
{
"db": "ZDI",
"id": "ZDI-23-1033"
},
{
"db": "CNVD",
"id": "CNVD-2025-21059"
},
{
"db": "VULMON",
"id": "CVE-2023-39465"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39465",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-1033",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029207",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20615",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-21059",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-39465",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1033"
},
{
"db": "CNVD",
"id": "CNVD-2025-21059"
},
{
"db": "VULMON",
"id": "CVE-2023-39465"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029207"
},
{
"db": "NVD",
"id": "CVE-2023-39465"
}
]
},
"id": "VAR-202308-2008",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21059"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21059"
}
]
},
"last_update_date": "2025-10-17T23:18:34.960000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/731076"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1033"
},
{
"db": "CNVD",
"id": "CNVD-2025-21059"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-321",
"trust": 1.0
},
{
"problemtype": "Using hardcoded encryption keys (CWE-321) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029207"
},
{
"db": "NVD",
"id": "CVE-2023-39465"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 1.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1033/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39465"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-39465"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1033"
},
{
"db": "CNVD",
"id": "CNVD-2025-21059"
},
{
"db": "VULMON",
"id": "CVE-2023-39465"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029207"
},
{
"db": "NVD",
"id": "CVE-2023-39465"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1033"
},
{
"db": "CNVD",
"id": "CNVD-2025-21059"
},
{
"db": "VULMON",
"id": "CVE-2023-39465"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029207"
},
{
"db": "NVD",
"id": "CVE-2023-39465"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1033"
},
{
"date": "2025-09-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-21059"
},
{
"date": "2025-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029207"
},
{
"date": "2024-05-03T03:15:12.030000",
"db": "NVD",
"id": "CVE-2023-39465"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1033"
},
{
"date": "2025-09-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-21059"
},
{
"date": "2025-06-20T02:24:00",
"db": "JVNDB",
"id": "JVNDB-2023-029207"
},
{
"date": "2025-06-17T21:03:22.110000",
"db": "NVD",
"id": "CVE-2023-39465"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Vulnerability related to the use of hard-coded encryption keys in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029207"
}
],
"trust": 0.8
}
}
VAR-202308-0867
Vulnerability from variot - Updated: 2025-10-16 23:48Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536. It is primarily used for data acquisition and monitoring in industrial automation control systems. Detailed vulnerability details are not currently available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-0867",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1030"
},
{
"db": "CNVD",
"id": "CNVD-2025-21061"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029200"
},
{
"db": "NVD",
"id": "CVE-2023-39462"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1030"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39462",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-21061",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2023-39462",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2023-029200",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2023-39462",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39462",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029200",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-39462",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2025-21061",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1030"
},
{
"db": "CNVD",
"id": "CNVD-2025-21061"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029200"
},
{
"db": "NVD",
"id": "CVE-2023-39462"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. \n\nThe specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536. It is primarily used for data acquisition and monitoring in industrial automation control systems. Detailed vulnerability details are not currently available",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39462"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029200"
},
{
"db": "ZDI",
"id": "ZDI-23-1030"
},
{
"db": "CNVD",
"id": "CNVD-2025-21061"
},
{
"db": "VULMON",
"id": "CVE-2023-39462"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39462",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-1030",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029200",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20536",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-21061",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-39462",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1030"
},
{
"db": "CNVD",
"id": "CNVD-2025-21061"
},
{
"db": "VULMON",
"id": "CVE-2023-39462"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029200"
},
{
"db": "NVD",
"id": "CVE-2023-39462"
}
]
},
"id": "VAR-202308-0867",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21061"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21061"
}
]
},
"last_update_date": "2025-10-16T23:48:19.785000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway File Upload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/731081"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1030"
},
{
"db": "CNVD",
"id": "CNVD-2025-21061"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-434",
"trust": 1.0
},
{
"problemtype": "Unlimited uploads of dangerous types of files (CWE-434) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029200"
},
{
"db": "NVD",
"id": "CVE-2023-39462"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 2.5,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1030/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39462"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1030"
},
{
"db": "CNVD",
"id": "CNVD-2025-21061"
},
{
"db": "VULMON",
"id": "CVE-2023-39462"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029200"
},
{
"db": "NVD",
"id": "CVE-2023-39462"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1030"
},
{
"db": "CNVD",
"id": "CNVD-2025-21061"
},
{
"db": "VULMON",
"id": "CVE-2023-39462"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029200"
},
{
"db": "NVD",
"id": "CVE-2023-39462"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1030"
},
{
"date": "2025-09-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-21061"
},
{
"date": "2025-06-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029200"
},
{
"date": "2024-05-03T03:15:11.533000",
"db": "NVD",
"id": "CVE-2023-39462"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1030"
},
{
"date": "2025-09-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-21061"
},
{
"date": "2025-06-19T01:31:00",
"db": "JVNDB",
"id": "JVNDB-2023-029200"
},
{
"date": "2025-06-17T21:03:33.927000",
"db": "NVD",
"id": "CVE-2023-39462"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Vulnerability in unlimited upload of dangerous types of files in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029200"
}
],
"trust": 0.8
}
}
VAR-201405-0286
Vulnerability from variot - Updated: 2025-10-03 23:19Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet. Triangle MicroWorks is a US-based company that uses single or third-party component products to communicate with peripherals/slave devices using various transport protocols (OPC Client, IEC 60870-6 (TASE.2/ICCP) Client, IEC 60870-5, DNP3, Modbus). SCADA Data Gateway is prone to a remote denial-of-service vulnerability because the application fails to properly validate the user-supplied input. An attacker can leverage this issue to consume resources resulting in denial-of-service condition; denying service to legitimate users. Note: This issue affects the IP connected devices. Versions prior to SCADA Data Gateway 3.00.0635 are vulnerable. Triangle MicroWorks SCADA Data Gateway (SDG) is a set of data acquisition and supervisory control system (SCADA) gateway products integrated in the server of Triangle MicroWorks in the United States
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0286",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.00.0630"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.00.0616"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.50"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.53"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.00.0612"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.51"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.00.0615"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.50.0309"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0583"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0545"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0597"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0590"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0528"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0518"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0595"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0540"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0594"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0571"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0576"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0580"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0552"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0592"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0558"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0515"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0516"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0561"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0575"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0578"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0582"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0596"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0598"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0536"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0565"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0588"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0572"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0579"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0599"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0567"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.00"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0574"
},
{
"model": "scada data gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.00.0633"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0564"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0587"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0562"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0566"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0586"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0581"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0529"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0570"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0573"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0589"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0553"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0584"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0569"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0591"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0544"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0517"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0577"
},
{
"model": "scada data gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "3.00.0635"
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "trianglemicroworks",
"version": "3.00.0633"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.50"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.50.0309"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.51"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.53"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0515"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0516"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0517"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0518"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0528"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0529"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0536"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0540"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0544"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0545"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0552"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0553"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0558"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0561"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0562"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0564"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0565"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0566"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0567"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0569"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0570"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0571"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0572"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0573"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0574"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0575"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0576"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0577"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0578"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0579"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0580"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0581"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0582"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0583"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0584"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0586"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0587"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0588"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0589"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0590"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0591"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0592"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0594"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0595"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0596"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0597"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0598"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0599"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "3.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "3.00.0612"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "3.00.0615"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "3.00.0616"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "3.00.0630"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "*"
},
{
"model": "microworks scada data gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "triangle",
"version": "3.0.616"
},
{
"model": "microworks scada data gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "triangle",
"version": "3.0.635"
}
],
"sources": [
{
"db": "IVD",
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1"
},
{
"db": "IVD",
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03461"
},
{
"db": "BID",
"id": "67722"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-580"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002710"
},
{
"db": "NVD",
"id": "CVE-2014-2342"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:trianglemicroworks:scada_data_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002710"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adam Crain and Chris Sistrunk",
"sources": [
{
"db": "BID",
"id": "67722"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2342",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-2342",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ics-cert@hq.dhs.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-2342",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-03461",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-70281",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2014-2342",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2014-2342",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-2342",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-03461",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-580",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-70281",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1"
},
{
"db": "IVD",
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03461"
},
{
"db": "VULHUB",
"id": "VHN-70281"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-580"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002710"
},
{
"db": "NVD",
"id": "CVE-2014-2342"
},
{
"db": "NVD",
"id": "CVE-2014-2342"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet. Triangle MicroWorks is a US-based company that uses single or third-party component products to communicate with peripherals/slave devices using various transport protocols (OPC Client, IEC 60870-6 (TASE.2/ICCP) Client, IEC 60870-5, DNP3, Modbus). SCADA Data Gateway is prone to a remote denial-of-service vulnerability because the application fails to properly validate the user-supplied input. \nAn attacker can leverage this issue to consume resources resulting in denial-of-service condition; denying service to legitimate users. \nNote: This issue affects the IP connected devices. \nVersions prior to SCADA Data Gateway 3.00.0635 are vulnerable. Triangle MicroWorks SCADA Data Gateway (SDG) is a set of data acquisition and supervisory control system (SCADA) gateway products integrated in the server of Triangle MicroWorks in the United States",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2342"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002710"
},
{
"db": "CNVD",
"id": "CNVD-2014-03461"
},
{
"db": "BID",
"id": "67722"
},
{
"db": "IVD",
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1"
},
{
"db": "IVD",
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-70281"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2342",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-14-149-01",
"trust": 3.4
},
{
"db": "CNNVD",
"id": "CNNVD-201405-580",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2014-03461",
"trust": 1.0
},
{
"db": "BID",
"id": "67722",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002710",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D711E00-463F-11E9-9C2C-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "F3B5D68C-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-70281",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1"
},
{
"db": "IVD",
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03461"
},
{
"db": "VULHUB",
"id": "VHN-70281"
},
{
"db": "BID",
"id": "67722"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-580"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002710"
},
{
"db": "NVD",
"id": "CVE-2014-2342"
}
]
},
"id": "VAR-201405-0286",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1"
},
{
"db": "IVD",
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03461"
},
{
"db": "VULHUB",
"id": "VHN-70281"
}
],
"trust": 1.9636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1"
},
{
"db": "IVD",
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03461"
}
]
},
"last_update_date": "2025-10-03T23:19:08.092000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SCADA Data Gateway",
"trust": 0.8,
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"title": "Patch for SCADA Data Gateway IP Link Device Remote Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/46142"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03461"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002710"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
},
{
"problemtype": "CWE-400",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70281"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002710"
},
{
"db": "NVD",
"id": "CVE-2014-2342"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-149-01"
},
{
"trust": 1.7,
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-149-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2342"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2342"
},
{
"trust": 0.3,
"url": "http://www.trianglemicroworks.com/"
},
{
"trust": 0.3,
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03461"
},
{
"db": "VULHUB",
"id": "VHN-70281"
},
{
"db": "BID",
"id": "67722"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-580"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002710"
},
{
"db": "NVD",
"id": "CVE-2014-2342"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1"
},
{
"db": "IVD",
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03461"
},
{
"db": "VULHUB",
"id": "VHN-70281"
},
{
"db": "BID",
"id": "67722"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-580"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002710"
},
{
"db": "NVD",
"id": "CVE-2014-2342"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-06T00:00:00",
"db": "IVD",
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1"
},
{
"date": "2014-06-06T00:00:00",
"db": "IVD",
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-06-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03461"
},
{
"date": "2014-05-30T00:00:00",
"db": "VULHUB",
"id": "VHN-70281"
},
{
"date": "2014-05-29T00:00:00",
"db": "BID",
"id": "67722"
},
{
"date": "2014-05-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-580"
},
{
"date": "2014-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002710"
},
{
"date": "2014-05-30T23:55:02.707000",
"db": "NVD",
"id": "CVE-2014-2342"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03461"
},
{
"date": "2014-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-70281"
},
{
"date": "2014-05-29T00:00:00",
"db": "BID",
"id": "67722"
},
{
"date": "2014-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-580"
},
{
"date": "2014-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002710"
},
{
"date": "2025-10-02T23:15:29",
"db": "NVD",
"id": "CVE-2014-2342"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-580"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002710"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "7d711e00-463f-11e9-9c2c-000c29342cb1"
},
{
"db": "IVD",
"id": "f3b5d68c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-580"
}
],
"trust": 1.0
}
}
VAR-201405-0278
Vulnerability from variot - Updated: 2025-10-03 23:19Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service (excessive data processing) via a crafted DNP request over a serial line. Triangle MicroWorks is a US-based company that uses single or third-party component products to communicate with peripherals/slave devices using various transport protocols (OPC Client, IEC 60870-6 (TASE.2/ICCP) Client, IEC 60870-5, DNP3, Modbus). An attacker can leverage this issue to consume resources resulting in denial-of-service condition; denying service to legitimate users. Note: To exploit this issue local access to the serial-based outstation is required. Versions prior to SCADA Data Gateway 3.00.0635 are vulnerable. Triangle MicroWorks SCADA Data Gateway (SDG) is a set of data acquisition and supervisory control system (SCADA) gateway products integrated in the server of Triangle MicroWorks in the United States
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0278",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.00.0630"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.00.0616"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0517"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.50"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.00.0612"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0518"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.00.0615"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.50.0309"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0516"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0545"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0597"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0590"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0528"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0595"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0540"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0594"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.51"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.53"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0571"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0576"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0580"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0552"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0592"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0558"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0515"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0561"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0575"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0578"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0582"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0596"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0598"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0536"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0565"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0588"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0572"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0579"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0599"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0567"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.00"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0574"
},
{
"model": "scada data gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.00.0633"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0583"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0564"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0587"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0562"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0566"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0586"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0581"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0529"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0570"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0573"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0589"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0553"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0584"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0569"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0591"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0544"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0577"
},
{
"model": "scada data gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "3.00.0635"
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "trianglemicroworks",
"version": "3.00.0633"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.50"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.50.0309"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.51"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.53"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0515"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0516"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0517"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0518"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0528"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0529"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0536"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0540"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0544"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0545"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0552"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0553"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0558"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0561"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0562"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0564"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0565"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0566"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0567"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0569"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0570"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0571"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0572"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0573"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0574"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0575"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0576"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0577"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0578"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0579"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0580"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0581"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0582"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0583"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0584"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0586"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0587"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0588"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0589"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0590"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0591"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0592"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0594"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0595"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0596"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0597"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0598"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "2.54.0599"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "3.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "3.00.0612"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "3.00.0615"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "3.00.0616"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "3.00.0630"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "scada data gateway",
"version": "*"
},
{
"model": "microworks scada data gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "triangle",
"version": "3.0.616"
},
{
"model": "microworks scada data gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "triangle",
"version": "3.0.635"
}
],
"sources": [
{
"db": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1"
},
{
"db": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03462"
},
{
"db": "BID",
"id": "67723"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-581"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002711"
},
{
"db": "NVD",
"id": "CVE-2014-2343"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:trianglemicroworks:scada_data_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002711"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adam Crain and Chris Sistrunk",
"sources": [
{
"db": "BID",
"id": "67723"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2014-2343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "ics-cert@hq.dhs.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.9,
"id": "CVE-2014-2343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.9,
"id": "CNVD-2014-03462",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.9,
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.9,
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-70282",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2014-2343",
"trust": 1.0,
"value": "LOW"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2014-2343",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2014-2343",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2014-03462",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-581",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-70282",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1"
},
{
"db": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03462"
},
{
"db": "VULHUB",
"id": "VHN-70282"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-581"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002711"
},
{
"db": "NVD",
"id": "CVE-2014-2343"
},
{
"db": "NVD",
"id": "CVE-2014-2343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service (excessive data processing) via a crafted DNP request over a serial line. Triangle MicroWorks is a US-based company that uses single or third-party component products to communicate with peripherals/slave devices using various transport protocols (OPC Client, IEC 60870-6 (TASE.2/ICCP) Client, IEC 60870-5, DNP3, Modbus). \nAn attacker can leverage this issue to consume resources resulting in denial-of-service condition; denying service to legitimate users. \nNote: To exploit this issue local access to the serial-based outstation is required. \nVersions prior to SCADA Data Gateway 3.00.0635 are vulnerable. Triangle MicroWorks SCADA Data Gateway (SDG) is a set of data acquisition and supervisory control system (SCADA) gateway products integrated in the server of Triangle MicroWorks in the United States",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2343"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002711"
},
{
"db": "CNVD",
"id": "CNVD-2014-03462"
},
{
"db": "BID",
"id": "67723"
},
{
"db": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1"
},
{
"db": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-70282"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2343",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-14-149-01",
"trust": 3.4
},
{
"db": "CNNVD",
"id": "CNNVD-201405-581",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2014-03462",
"trust": 1.0
},
{
"db": "BID",
"id": "67723",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002711",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D711E01-463F-11E9-BCB6-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "F3BBE450-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-70282",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1"
},
{
"db": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03462"
},
{
"db": "VULHUB",
"id": "VHN-70282"
},
{
"db": "BID",
"id": "67723"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-581"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002711"
},
{
"db": "NVD",
"id": "CVE-2014-2343"
}
]
},
"id": "VAR-201405-0278",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1"
},
{
"db": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03462"
},
{
"db": "VULHUB",
"id": "VHN-70282"
}
],
"trust": 1.9636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1"
},
{
"db": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03462"
}
]
},
"last_update_date": "2025-10-03T23:19:08.041000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SCADA Data Gateway",
"trust": 0.8,
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"title": "Patch for SCADA Data Gateway Serial Link Device Local Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/46141"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03462"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002711"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
},
{
"problemtype": "CWE-400",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70282"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002711"
},
{
"db": "NVD",
"id": "CVE-2014-2343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-149-01"
},
{
"trust": 1.7,
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-149-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2343"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2343"
},
{
"trust": 0.3,
"url": "http://www.trianglemicroworks.com/"
},
{
"trust": 0.3,
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03462"
},
{
"db": "VULHUB",
"id": "VHN-70282"
},
{
"db": "BID",
"id": "67723"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-581"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002711"
},
{
"db": "NVD",
"id": "CVE-2014-2343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1"
},
{
"db": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03462"
},
{
"db": "VULHUB",
"id": "VHN-70282"
},
{
"db": "BID",
"id": "67723"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-581"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002711"
},
{
"db": "NVD",
"id": "CVE-2014-2343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-06T00:00:00",
"db": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1"
},
{
"date": "2014-06-06T00:00:00",
"db": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-06-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03462"
},
{
"date": "2014-05-30T00:00:00",
"db": "VULHUB",
"id": "VHN-70282"
},
{
"date": "2014-05-29T00:00:00",
"db": "BID",
"id": "67723"
},
{
"date": "2014-05-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-581"
},
{
"date": "2014-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002711"
},
{
"date": "2014-05-30T23:55:02.783000",
"db": "NVD",
"id": "CVE-2014-2343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03462"
},
{
"date": "2014-06-04T00:00:00",
"db": "VULHUB",
"id": "VHN-70282"
},
{
"date": "2014-05-29T00:00:00",
"db": "BID",
"id": "67723"
},
{
"date": "2014-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-581"
},
{
"date": "2014-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002711"
},
{
"date": "2025-10-02T23:15:30.137000",
"db": "NVD",
"id": "CVE-2014-2343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "67723"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-581"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SCADA Data Gateway Serial Link Device Local Denial of Service Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1"
},
{
"db": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03462"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "7d711e01-463f-11e9-bcb6-000c29342cb1"
},
{
"db": "IVD",
"id": "f3bbe450-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-581"
}
],
"trust": 1.0
}
}
VAR-202308-1260
Vulnerability from variot - Updated: 2025-06-21 23:39Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the creation of event logs. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20534. (DoS) It may be in a state. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product of Triangle MicroWorks in the United States
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-1260",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1028"
},
{
"db": "CNVD",
"id": "CNVD-2025-08347"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029215"
},
{
"db": "NVD",
"id": "CVE-2023-39460"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1028"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39460",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.4,
"id": "CNVD-2025-08347",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2023-39460",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-029215",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2023-39460",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39460",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029215",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-39460",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-08347",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1028"
},
{
"db": "CNVD",
"id": "CNVD-2025-08347"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029215"
},
{
"db": "NVD",
"id": "CVE-2023-39460"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. \n\nThe specific flaw exists within the creation of event logs. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20534. (DoS) It may be in a state. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product of Triangle MicroWorks in the United States",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39460"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029215"
},
{
"db": "ZDI",
"id": "ZDI-23-1028"
},
{
"db": "CNVD",
"id": "CNVD-2025-08347"
},
{
"db": "VULMON",
"id": "CVE-2023-39460"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39460",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-1028",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029215",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20534",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-08347",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-39460",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1028"
},
{
"db": "CNVD",
"id": "CNVD-2025-08347"
},
{
"db": "VULMON",
"id": "CVE-2023-39460"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029215"
},
{
"db": "NVD",
"id": "CVE-2023-39460"
}
]
},
"id": "VAR-202308-1260",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-08347"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-08347"
}
]
},
"last_update_date": "2025-06-21T23:39:23.489000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Arbitrary File Creation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/682386"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1028"
},
{
"db": "CNVD",
"id": "CNVD-2025-08347"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "Path traversal (CWE-22) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029215"
},
{
"db": "NVD",
"id": "CVE-2023-39460"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 1.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1028/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39460"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1028"
},
{
"db": "CNVD",
"id": "CNVD-2025-08347"
},
{
"db": "VULMON",
"id": "CVE-2023-39460"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029215"
},
{
"db": "NVD",
"id": "CVE-2023-39460"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1028"
},
{
"db": "CNVD",
"id": "CNVD-2025-08347"
},
{
"db": "VULMON",
"id": "CVE-2023-39460"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029215"
},
{
"db": "NVD",
"id": "CVE-2023-39460"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1028"
},
{
"date": "2025-04-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-08347"
},
{
"date": "2025-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029215"
},
{
"date": "2024-05-03T03:15:11.157000",
"db": "NVD",
"id": "CVE-2023-39460"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1028"
},
{
"date": "2025-04-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-08347"
},
{
"date": "2025-06-20T07:38:00",
"db": "JVNDB",
"id": "JVNDB-2023-029215"
},
{
"date": "2025-06-17T21:03:41",
"db": "NVD",
"id": "CVE-2023-39460"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Past traversal vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029215"
}
],
"trust": 0.8
}
}
VAR-202308-1066
Vulnerability from variot - Updated: 2025-06-21 23:33Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the trusted certification feature. The issue lies in the handling of the OpcUaSecurityCertificateAuthorityTrustDir variable, which allows an arbitrary file write with attacker-controlled data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20537. Triangle MicroWorks of SCADA Data Gateway Contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks of the United States
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-1066",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1031"
},
{
"db": "CNVD",
"id": "CNVD-2025-10577"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029214"
},
{
"db": "NVD",
"id": "CVE-2023-39463"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Team ECQ",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1031"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39463",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.4,
"id": "CNVD-2025-10577",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2023-39463",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-029214",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2023-39463",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39463",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029214",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-39463",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-10577",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1031"
},
{
"db": "CNVD",
"id": "CNVD-2025-10577"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029214"
},
{
"db": "NVD",
"id": "CVE-2023-39463"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. \n\nThe specific flaw exists within the trusted certification feature. The issue lies in the handling of the OpcUaSecurityCertificateAuthorityTrustDir variable, which allows an arbitrary file write with attacker-controlled data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20537. Triangle MicroWorks of SCADA Data Gateway Contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks of the United States",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39463"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029214"
},
{
"db": "ZDI",
"id": "ZDI-23-1031"
},
{
"db": "CNVD",
"id": "CNVD-2025-10577"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39463",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-1031",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029214",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20537",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-10577",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1031"
},
{
"db": "CNVD",
"id": "CNVD-2025-10577"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029214"
},
{
"db": "NVD",
"id": "CVE-2023-39463"
}
]
},
"id": "VAR-202308-1066",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10577"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10577"
}
]
},
"last_update_date": "2025-06-21T23:33:47.751000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/687791"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1031"
},
{
"db": "CNVD",
"id": "CNVD-2025-10577"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-434",
"trust": 1.0
},
{
"problemtype": "Unlimited uploads of dangerous types of files (CWE-434) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029214"
},
{
"db": "NVD",
"id": "CVE-2023-39463"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1031/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39463"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1031"
},
{
"db": "CNVD",
"id": "CNVD-2025-10577"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029214"
},
{
"db": "NVD",
"id": "CVE-2023-39463"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1031"
},
{
"db": "CNVD",
"id": "CNVD-2025-10577"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029214"
},
{
"db": "NVD",
"id": "CVE-2023-39463"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1031"
},
{
"date": "2025-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-10577"
},
{
"date": "2025-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029214"
},
{
"date": "2024-05-03T03:15:11.703000",
"db": "NVD",
"id": "CVE-2023-39463"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1031"
},
{
"date": "2025-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-10577"
},
{
"date": "2025-06-20T07:38:00",
"db": "JVNDB",
"id": "JVNDB-2023-029214"
},
{
"date": "2025-06-17T21:03:30.330000",
"db": "NVD",
"id": "CVE-2023-39463"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Vulnerability in unlimited upload of dangerous types of files in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029214"
}
],
"trust": 0.8
}
}
VAR-202308-1639
Vulnerability from variot - Updated: 2025-06-21 23:06Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the configuration of the GTWWebMonitorService service. The path to the service executable contains spaces not surrounded by quotations. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20538. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-1639",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1032"
},
{
"db": "CNVD",
"id": "CNVD-2024-36826"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029208"
},
{
"db": "NVD",
"id": "CVE-2023-39464"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Team ECQ",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1032"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39464",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2024-36826",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2023-39464",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-029208",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2023-39464",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39464",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029208",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-39464",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2024-36826",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1032"
},
{
"db": "CNVD",
"id": "CNVD-2024-36826"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029208"
},
{
"db": "NVD",
"id": "CVE-2023-39464"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. \n\nThe specific flaw exists within the configuration of the GTWWebMonitorService service. The path to the service executable contains spaces not surrounded by quotations. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20538. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39464"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029208"
},
{
"db": "ZDI",
"id": "ZDI-23-1032"
},
{
"db": "CNVD",
"id": "CNVD-2024-36826"
},
{
"db": "VULMON",
"id": "CVE-2023-39464"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39464",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-1032",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029208",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20538",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-36826",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-39464",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1032"
},
{
"db": "CNVD",
"id": "CNVD-2024-36826"
},
{
"db": "VULMON",
"id": "CVE-2023-39464"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029208"
},
{
"db": "NVD",
"id": "CVE-2023-39464"
}
]
},
"id": "VAR-202308-1639",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-36826"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-36826"
}
]
},
"last_update_date": "2025-06-21T23:06:39.797000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Remote Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/585371"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1032"
},
{
"db": "CNVD",
"id": "CNVD-2024-36826"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-428",
"trust": 1.0
},
{
"problemtype": "unquoted search path or element (CWE-428) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029208"
},
{
"db": "NVD",
"id": "CVE-2023-39464"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 1.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1032/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39464"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-39464"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1032"
},
{
"db": "CNVD",
"id": "CNVD-2024-36826"
},
{
"db": "VULMON",
"id": "CVE-2023-39464"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029208"
},
{
"db": "NVD",
"id": "CVE-2023-39464"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1032"
},
{
"db": "CNVD",
"id": "CNVD-2024-36826"
},
{
"db": "VULMON",
"id": "CVE-2023-39464"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029208"
},
{
"db": "NVD",
"id": "CVE-2023-39464"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1032"
},
{
"date": "2024-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-36826"
},
{
"date": "2025-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029208"
},
{
"date": "2024-05-03T03:15:11.870000",
"db": "NVD",
"id": "CVE-2023-39464"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1032"
},
{
"date": "2024-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-36826"
},
{
"date": "2025-06-20T02:24:00",
"db": "JVNDB",
"id": "JVNDB-2023-029208"
},
{
"date": "2025-06-17T21:03:26.297000",
"db": "NVD",
"id": "CVE-2023-39464"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Unquoted Search Path or Element Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029208"
}
],
"trust": 0.8
}
}
VAR-202308-1258
Vulnerability from variot - Updated: 2025-06-20 23:17Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the handling of DbasSectorFileToExecuteOnReset parameter. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20799. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-1258",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1036"
},
{
"db": "CNVD",
"id": "CNVD-2025-10578"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029197"
},
{
"db": "NVD",
"id": "CVE-2023-39468"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Uri Katz of Claroty Team82",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1036"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39468",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.4,
"id": "CNVD-2025-10578",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2023-39468",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-029197",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2023-39468",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39468",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029197",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-39468",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-10578",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1036"
},
{
"db": "CNVD",
"id": "CNVD-2025-10578"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029197"
},
{
"db": "NVD",
"id": "CVE-2023-39468"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is required to exploit this vulnerability. \n\nThe specific flaw exists within the handling of DbasSectorFileToExecuteOnReset parameter. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20799. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39468"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029197"
},
{
"db": "ZDI",
"id": "ZDI-23-1036"
},
{
"db": "CNVD",
"id": "CNVD-2025-10578"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39468",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-1036",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029197",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20799",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-10578",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1036"
},
{
"db": "CNVD",
"id": "CNVD-2025-10578"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029197"
},
{
"db": "NVD",
"id": "CVE-2023-39468"
}
]
},
"id": "VAR-202308-1258",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10578"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10578"
}
]
},
"last_update_date": "2025-06-20T23:17:42.142000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Arbitrary Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/689626"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1036"
},
{
"db": "CNVD",
"id": "CNVD-2025-10578"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-749",
"trust": 1.0
},
{
"problemtype": "Exposing dangerous methods or functions (CWE-749) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029197"
},
{
"db": "NVD",
"id": "CVE-2023-39468"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 2.4,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1036/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39468"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1036"
},
{
"db": "CNVD",
"id": "CNVD-2025-10578"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029197"
},
{
"db": "NVD",
"id": "CVE-2023-39468"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1036"
},
{
"db": "CNVD",
"id": "CNVD-2025-10578"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029197"
},
{
"db": "NVD",
"id": "CVE-2023-39468"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1036"
},
{
"date": "2025-05-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-10578"
},
{
"date": "2025-06-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029197"
},
{
"date": "2024-05-03T03:15:12.563000",
"db": "NVD",
"id": "CVE-2023-39468"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1036"
},
{
"date": "2025-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-10578"
},
{
"date": "2025-06-19T01:10:00",
"db": "JVNDB",
"id": "JVNDB-2023-029197"
},
{
"date": "2025-06-17T21:02:53.483000",
"db": "NVD",
"id": "CVE-2023-39468"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Vulnerabilities related to exposing dangerous methods and functions in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029197"
}
],
"trust": 0.8
}
}
VAR-202308-1638
Vulnerability from variot - Updated: 2025-06-20 23:17Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the configuration of certificate web directory. The issue results from the exposure of sensitive information in the application webroot. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20798. Web There is a vulnerability related to saving under root.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-1638",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1035"
},
{
"db": "CNVD",
"id": "CNVD-2024-36823"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029198"
},
{
"db": "NVD",
"id": "CVE-2023-39467"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Uri Katz of Claroty Team82",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1035"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39467",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2024-36823",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2023-39467",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2023-029198",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2023-39467",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39467",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029198",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-39467",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2024-36823",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1035"
},
{
"db": "CNVD",
"id": "CNVD-2024-36823"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029198"
},
{
"db": "NVD",
"id": "CVE-2023-39467"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the configuration of certificate web directory. The issue results from the exposure of sensitive information in the application webroot. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20798. Web There is a vulnerability related to saving under root.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39467"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029198"
},
{
"db": "ZDI",
"id": "ZDI-23-1035"
},
{
"db": "CNVD",
"id": "CNVD-2024-36823"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39467",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-1035",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029198",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20798",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-36823",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1035"
},
{
"db": "CNVD",
"id": "CNVD-2024-36823"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029198"
},
{
"db": "NVD",
"id": "CVE-2023-39467"
}
]
},
"id": "VAR-202308-1638",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-36823"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-36823"
}
]
},
"last_update_date": "2025-06-20T23:17:42.100000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/585356"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1035"
},
{
"db": "CNVD",
"id": "CNVD-2024-36823"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-219",
"trust": 1.0
},
{
"problemtype": "Data containing important data Web Save to root (CWE-219) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029198"
},
{
"db": "NVD",
"id": "CVE-2023-39467"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1035/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39467"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-39467"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1035"
},
{
"db": "CNVD",
"id": "CNVD-2024-36823"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029198"
},
{
"db": "NVD",
"id": "CVE-2023-39467"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1035"
},
{
"db": "CNVD",
"id": "CNVD-2024-36823"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029198"
},
{
"db": "NVD",
"id": "CVE-2023-39467"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1035"
},
{
"date": "2024-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-36823"
},
{
"date": "2025-06-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029198"
},
{
"date": "2024-05-03T03:15:12.360000",
"db": "NVD",
"id": "CVE-2023-39467"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1035"
},
{
"date": "2024-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-36823"
},
{
"date": "2025-06-19T01:31:00",
"db": "JVNDB",
"id": "JVNDB-2023-029198"
},
{
"date": "2025-06-17T21:03:14.050000",
"db": "NVD",
"id": "CVE-2023-39467"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Data containing important data in \u00a0Web\u00a0 Root save vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029198"
}
],
"trust": 0.8
}
}
VAR-202308-1259
Vulnerability from variot - Updated: 2025-06-20 23:15Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the handling of event logs. The issue results from improper sanitization of log output. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20535
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-1259",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1029"
},
{
"db": "CNVD",
"id": "CNVD-2024-36825"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029203"
},
{
"db": "NVD",
"id": "CVE-2023-39461"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1029"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39461",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.2,
"id": "CNVD-2024-36825",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:M/C:N/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.7,
"id": "CVE-2023-39461",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 4.4,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2023-029203",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.7,
"id": "CVE-2023-39461",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39461",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029203",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-39461",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2024-36825",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1029"
},
{
"db": "CNVD",
"id": "CNVD-2024-36825"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029203"
},
{
"db": "NVD",
"id": "CVE-2023-39461"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. \n\nThe specific flaw exists within the handling of event logs. The issue results from improper sanitization of log output. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20535",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39461"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029203"
},
{
"db": "ZDI",
"id": "ZDI-23-1029"
},
{
"db": "CNVD",
"id": "CNVD-2024-36825"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39461",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-1029",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029203",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20535",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-36825",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1029"
},
{
"db": "CNVD",
"id": "CNVD-2024-36825"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029203"
},
{
"db": "NVD",
"id": "CVE-2023-39461"
}
]
},
"id": "VAR-202308-1259",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-36825"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-36825"
}
]
},
"last_update_date": "2025-06-20T23:15:17.151000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Arbitrary File Write Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/585366"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1029"
},
{
"db": "CNVD",
"id": "CNVD-2024-36825"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-117",
"trust": 1.0
},
{
"problemtype": "Disabling inappropriate logging (CWE-117) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029203"
},
{
"db": "NVD",
"id": "CVE-2023-39461"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1029/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39461"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-39461"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1029"
},
{
"db": "CNVD",
"id": "CNVD-2024-36825"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029203"
},
{
"db": "NVD",
"id": "CVE-2023-39461"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1029"
},
{
"db": "CNVD",
"id": "CNVD-2024-36825"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029203"
},
{
"db": "NVD",
"id": "CVE-2023-39461"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1029"
},
{
"date": "2024-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-36825"
},
{
"date": "2025-06-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029203"
},
{
"date": "2024-05-03T03:15:11.363000",
"db": "NVD",
"id": "CVE-2023-39461"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1029"
},
{
"date": "2024-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-36825"
},
{
"date": "2025-06-19T06:02:00",
"db": "JVNDB",
"id": "JVNDB-2023-029203"
},
{
"date": "2025-06-17T21:03:37.467000",
"db": "NVD",
"id": "CVE-2023-39461"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Vulnerability related to improper log output disabling in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029203"
}
],
"trust": 0.8
}
}
VAR-202308-0677
Vulnerability from variot - Updated: 2025-06-20 23:14Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create files in the context of Administrator. Was ZDI-CAN-20531. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-0677",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3"
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1027"
},
{
"db": "CNVD",
"id": "CNVD-2025-10576"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029204"
},
{
"db": "NVD",
"id": "CVE-2023-39459"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Li Jiantao, Ngo Wei Lin, Pan Zhenpeng of STAR Labs SG Pte. Ltd.",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1027"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39459",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2025-10576",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2023-39459",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-029204",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2023-39459",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "REQUIRED",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39459",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029204",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-39459",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-10576",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1027"
},
{
"db": "CNVD",
"id": "CNVD-2025-10576"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029204"
},
{
"db": "NVD",
"id": "CVE-2023-39459"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. \n\nThe specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create files in the context of Administrator. Was ZDI-CAN-20531. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39459"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029204"
},
{
"db": "ZDI",
"id": "ZDI-23-1027"
},
{
"db": "CNVD",
"id": "CNVD-2025-10576"
},
{
"db": "VULMON",
"id": "CVE-2023-39459"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39459",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-1027",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029204",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20531",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-10576",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-39459",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1027"
},
{
"db": "CNVD",
"id": "CNVD-2025-10576"
},
{
"db": "VULMON",
"id": "CVE-2023-39459"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029204"
},
{
"db": "NVD",
"id": "CVE-2023-39459"
}
]
},
"id": "VAR-202308-0677",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10576"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10576"
}
]
},
"last_update_date": "2025-06-20T23:14:18.629000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Arbitrary File Creation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/686876"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1027"
},
{
"db": "CNVD",
"id": "CNVD-2025-10576"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "Path traversal (CWE-22) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029204"
},
{
"db": "NVD",
"id": "CVE-2023-39459"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 1.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1027/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39459"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1027"
},
{
"db": "CNVD",
"id": "CNVD-2025-10576"
},
{
"db": "VULMON",
"id": "CVE-2023-39459"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029204"
},
{
"db": "NVD",
"id": "CVE-2023-39459"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1027"
},
{
"db": "CNVD",
"id": "CNVD-2025-10576"
},
{
"db": "VULMON",
"id": "CVE-2023-39459"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029204"
},
{
"db": "NVD",
"id": "CVE-2023-39459"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1027"
},
{
"date": "2025-05-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-10576"
},
{
"date": "2025-06-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029204"
},
{
"date": "2024-05-03T03:15:10.987000",
"db": "NVD",
"id": "CVE-2023-39459"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1027"
},
{
"date": "2025-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-10576"
},
{
"date": "2025-06-19T06:02:00",
"db": "JVNDB",
"id": "JVNDB-2023-029204"
},
{
"date": "2025-06-17T21:03:44.860000",
"db": "NVD",
"id": "CVE-2023-39459"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Past traversal vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029204"
}
],
"trust": 0.8
}
}
VAR-202308-2037
Vulnerability from variot - Updated: 2025-06-20 23:06Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of certificates. The service uses a hard-coded default SSL certificate. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20509
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-2037",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1026"
},
{
"db": "CNVD",
"id": "CNVD-2024-36824"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029205"
},
{
"db": "NVD",
"id": "CVE-2023-39458"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Team ECQ",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1026"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39458",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CNVD-2024-36824",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2023-39458",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-029205",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2023-39458",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39458",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029205",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-39458",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2024-36824",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1026"
},
{
"db": "CNVD",
"id": "CNVD-2024-36824"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029205"
},
{
"db": "NVD",
"id": "CVE-2023-39458"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the handling of certificates. The service uses a hard-coded default SSL certificate. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20509",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39458"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029205"
},
{
"db": "ZDI",
"id": "ZDI-23-1026"
},
{
"db": "CNVD",
"id": "CNVD-2024-36824"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39458",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-1026",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029205",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20509",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-36824",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1026"
},
{
"db": "CNVD",
"id": "CNVD-2024-36824"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029205"
},
{
"db": "NVD",
"id": "CVE-2023-39458"
}
]
},
"id": "VAR-202308-2037",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-36824"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-36824"
}
]
},
"last_update_date": "2025-06-20T23:06:59.521000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Hard-coded Authentication Bypass Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/585361"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1026"
},
{
"db": "CNVD",
"id": "CNVD-2024-36824"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.0
},
{
"problemtype": "Use hard-coded credentials (CWE-798) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029205"
},
{
"db": "NVD",
"id": "CVE-2023-39458"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1026/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39458"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-39458"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1026"
},
{
"db": "CNVD",
"id": "CNVD-2024-36824"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029205"
},
{
"db": "NVD",
"id": "CVE-2023-39458"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1026"
},
{
"db": "CNVD",
"id": "CNVD-2024-36824"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029205"
},
{
"db": "NVD",
"id": "CVE-2023-39458"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1026"
},
{
"date": "2024-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-36824"
},
{
"date": "2025-06-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029205"
},
{
"date": "2024-05-03T03:15:10.823000",
"db": "NVD",
"id": "CVE-2023-39458"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1026"
},
{
"date": "2024-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-36824"
},
{
"date": "2025-06-19T06:02:00",
"db": "JVNDB",
"id": "JVNDB-2023-029205"
},
{
"date": "2025-06-17T21:03:48.560000",
"db": "NVD",
"id": "CVE-2023-39458"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Vulnerability in using hard-coded credentials in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029205"
}
],
"trust": 0.8
}
}
VAR-202308-2058
Vulnerability from variot - Updated: 2025-06-20 23:06Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists due to the lack of user authentication. The issue results from missing authentication in the default system configuration. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20501. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-2058",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1025"
},
{
"db": "CNVD",
"id": "CNVD-2025-07626"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029201"
},
{
"db": "NVD",
"id": "CVE-2023-39457"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1025"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39457",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-07626",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-39457",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-029201",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-39457",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39457",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029201",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2023-39457",
"trust": 0.7,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2025-07626",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1025"
},
{
"db": "CNVD",
"id": "CNVD-2025-07626"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029201"
},
{
"db": "NVD",
"id": "CVE-2023-39457"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists due to the lack of user authentication. The issue results from missing authentication in the default system configuration. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20501. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39457"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029201"
},
{
"db": "ZDI",
"id": "ZDI-23-1025"
},
{
"db": "CNVD",
"id": "CNVD-2025-07626"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39457",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-1025",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029201",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20501",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-07626",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-39457",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1025"
},
{
"db": "CNVD",
"id": "CNVD-2025-07626"
},
{
"db": "VULMON",
"id": "CVE-2023-39457"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029201"
},
{
"db": "NVD",
"id": "CVE-2023-39457"
}
]
},
"id": "VAR-202308-2058",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07626"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07626"
}
]
},
"last_update_date": "2025-06-20T23:06:59.492000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/680426"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ZENDATA-Cybersecurity/Newsletter "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1025"
},
{
"db": "CNVD",
"id": "CNVD-2025-07626"
},
{
"db": "VULMON",
"id": "CVE-2023-39457"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029201"
},
{
"db": "NVD",
"id": "CVE-2023-39457"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1025/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39457"
},
{
"trust": 0.1,
"url": "https://github.com/zendata-cybersecurity/newsletter"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1025"
},
{
"db": "CNVD",
"id": "CNVD-2025-07626"
},
{
"db": "VULMON",
"id": "CVE-2023-39457"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029201"
},
{
"db": "NVD",
"id": "CVE-2023-39457"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1025"
},
{
"db": "CNVD",
"id": "CNVD-2025-07626"
},
{
"db": "VULMON",
"id": "CVE-2023-39457"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029201"
},
{
"db": "NVD",
"id": "CVE-2023-39457"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1025"
},
{
"date": "2025-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-07626"
},
{
"date": "2025-06-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029201"
},
{
"date": "2024-05-03T03:15:10.647000",
"db": "NVD",
"id": "CVE-2023-39457"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1025"
},
{
"date": "2025-04-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-07626"
},
{
"date": "2025-06-19T01:31:00",
"db": "JVNDB",
"id": "JVNDB-2023-029201"
},
{
"date": "2025-06-17T21:03:54.923000",
"db": "NVD",
"id": "CVE-2023-39457"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Vulnerability regarding lack of authentication for critical features in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029201"
}
],
"trust": 0.8
}
}
VAR-202308-0676
Vulnerability from variot - Updated: 2025-06-20 23:05Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the get_config endpoint. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20797
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-0676",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada data gateway",
"scope": null,
"trust": 1.5,
"vendor": "triangle microworks",
"version": null
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "5.1.3.20324"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": null
},
{
"model": "microworks scada data gateway",
"scope": null,
"trust": 0.6,
"vendor": "triangle",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1034"
},
{
"db": "CNVD",
"id": "CNVD-2024-34977"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029199"
},
{
"db": "NVD",
"id": "CVE-2023-39466"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Uri Katz of Claroty Team82",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1034"
}
],
"trust": 0.7
},
"cve": "CVE-2023-39466",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2024-34977",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2023-39466",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2023-029199",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2023-39466",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-39466",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029199",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-39466",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2024-34977",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1034"
},
{
"db": "CNVD",
"id": "CNVD-2024-34977"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029199"
},
{
"db": "NVD",
"id": "CVE-2023-39466"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the get_config endpoint. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20797",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-39466"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029199"
},
{
"db": "ZDI",
"id": "ZDI-23-1034"
},
{
"db": "CNVD",
"id": "CNVD-2024-34977"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-39466",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-1034",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029199",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20797",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-34977",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1034"
},
{
"db": "CNVD",
"id": "CNVD-2024-34977"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029199"
},
{
"db": "NVD",
"id": "CVE-2023-39466"
}
]
},
"id": "VAR-202308-0676",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-34977"
}
],
"trust": 1.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-34977"
}
]
},
"last_update_date": "2025-06-20T23:05:23.745000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/576521"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1034"
},
{
"db": "CNVD",
"id": "CNVD-2024-34977"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029199"
},
{
"db": "NVD",
"id": "CVE-2023-39466"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1034/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39466"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-39466"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1034"
},
{
"db": "CNVD",
"id": "CNVD-2024-34977"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029199"
},
{
"db": "NVD",
"id": "CVE-2023-39466"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1034"
},
{
"db": "CNVD",
"id": "CNVD-2024-34977"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029199"
},
{
"db": "NVD",
"id": "CVE-2023-39466"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1034"
},
{
"date": "2024-08-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-34977"
},
{
"date": "2025-06-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029199"
},
{
"date": "2024-05-03T03:15:12.193000",
"db": "NVD",
"id": "CVE-2023-39466"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-04T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1034"
},
{
"date": "2024-08-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-34977"
},
{
"date": "2025-06-19T01:31:00",
"db": "JVNDB",
"id": "JVNDB-2023-029199"
},
{
"date": "2025-06-17T21:03:18.190000",
"db": "NVD",
"id": "CVE-2023-39466"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle\u00a0MicroWorks\u00a0 of \u00a0SCADA\u00a0Data\u00a0Gateway\u00a0 Vulnerability regarding lack of authentication for critical features in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029199"
}
],
"trust": 0.8
}
}
VAR-201309-0201
Vulnerability from variot - Updated: 2025-04-11 23:01Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. Triangle MicroWorks is a US-based company that uses single or third-party component products to communicate with peripherals/slave devices using various transport protocols (OPC Client, IEC 60870-6 (TASE.2/ICCP) Client, IEC 60870-5, DNP3, Modbus). Multiple Triangle MicroWorks products are prone to a local denial-of-service vulnerability. An attacker can exploit this issue to crash the affected device, denying service to legitimate users. NOTE: To exploit this issue, local access to the serial-based outstation is required. SDG is a set of data acquisition and supervisory control system (SCADA) gateway products integrated in the server. DNP3 .NET Protocol components is a set of .NET framework components that support DNP3. DNP3 ANSI C source code libraries is a source code library based on the ANSI C standard
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0201",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.12.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0536"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0528"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0517"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.53"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.51"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0518"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0529"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0515"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.54.0516"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0595"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0558"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.07.00"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0544"
},
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.14.0000"
},
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.06.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0569"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0574"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.06.0.171"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0553"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0567"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.09.00"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0582"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.11.00"
},
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.11.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0552"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0564"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0566"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0565"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0575"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0584"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.00.0616"
},
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.13.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.50"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.50.0309"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0583"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0589"
},
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.15.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0577"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0586"
},
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.07.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0588"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0578"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0596"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0562"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0573"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0587"
},
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.08.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0580"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0597"
},
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.09.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0598"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.00"
},
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.10.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0591"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0540"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0576"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.15.0.369"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0590"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0594"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0561"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0570"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0571"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0581"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.15.00"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.08.00"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0579"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0545"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0599"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.10.00"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "3.14.00"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0572"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.54.0592"
},
{
"model": ".net protocol components",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "3.06.0.171 to 3.15.0.369"
},
{
"model": "ansi standard c source code libraries",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "3.06.0000 to 3.15.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "2.50.0309 to 3.00.0616"
},
{
"model": "microworks scada data gateway to",
"scope": "eq",
"trust": 0.6,
"vendor": "triangle",
"version": "2.50.03093.00.0616"
},
{
"model": "microworks dnp3 .net protocol components to",
"scope": "eq",
"trust": 0.6,
"vendor": "triangle",
"version": "3.06.0.1713.15.0.369"
},
{
"model": "microworks dnp3 ansi c source code libraries to",
"scope": "eq",
"trust": 0.6,
"vendor": "triangle",
"version": "3.06.00003.15.0000"
},
{
"model": "microworks scada data gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "triangle",
"version": "3.0.616"
},
{
"model": "microworks scada data gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "triangle",
"version": "2.50.309"
},
{
"model": "microworks dnp3 ansi c source code libraries",
"scope": "eq",
"trust": 0.3,
"vendor": "triangle",
"version": "3.15"
},
{
"model": "microworks dnp3 ansi c source code libraries",
"scope": "eq",
"trust": 0.3,
"vendor": "triangle",
"version": "3.6"
},
{
"model": "microworks dnp3 .net protocol components",
"scope": "eq",
"trust": 0.3,
"vendor": "triangle",
"version": "3.15369"
},
{
"model": "microworks dnp3 .net protocol components",
"scope": "eq",
"trust": 0.3,
"vendor": "triangle",
"version": "3.6171"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.06.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.07.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.08.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.09.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.10.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.11.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.12.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.13.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.14.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.15.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.06.0.171"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.07.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.08.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.09.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.10.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.11.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.14.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.15.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.15.0.369"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.50"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.50.0309"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.51"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.53"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0515"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0516"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0517"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0518"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0528"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0529"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0536"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0540"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0544"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0545"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0552"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0553"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0558"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0561"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0562"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0564"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0565"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0566"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0567"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0569"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0570"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0571"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0572"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0573"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0574"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0575"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0576"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0577"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0578"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0579"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0580"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0581"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0582"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0583"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0584"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0586"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0587"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0588"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0589"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0590"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0591"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0592"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0594"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0595"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0596"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0597"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0598"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.54.0599"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "3.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "3.00.0616"
}
],
"sources": [
{
"db": "IVD",
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12784"
},
{
"db": "BID",
"id": "62086"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-537"
},
{
"db": "NVD",
"id": "CVE-2013-2794"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:trianglemicroworks:.net_communication_protocol_components",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trianglemicroworks:ansi_c_source_code_libraries",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trianglemicroworks:scada_data_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004003"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adam Crain of Automatak and Chris Sistrunk",
"sources": [
{
"db": "BID",
"id": "62086"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-537"
}
],
"trust": 0.9
},
"cve": "CVE-2013-2794",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2013-2794",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "CNVD-2013-12784",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-62796",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-2794",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-2794",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2013-12784",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201308-537",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-62796",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12784"
},
{
"db": "VULHUB",
"id": "VHN-62796"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-537"
},
{
"db": "NVD",
"id": "CVE-2013-2794"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. Triangle MicroWorks is a US-based company that uses single or third-party component products to communicate with peripherals/slave devices using various transport protocols (OPC Client, IEC 60870-6 (TASE.2/ICCP) Client, IEC 60870-5, DNP3, Modbus). Multiple Triangle MicroWorks products are prone to a local denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the affected device, denying service to legitimate users. \nNOTE: To exploit this issue, local access to the serial-based outstation is required. SDG is a set of data acquisition and supervisory control system (SCADA) gateway products integrated in the server. DNP3 .NET Protocol components is a set of .NET framework components that support DNP3. DNP3 ANSI C source code libraries is a source code library based on the ANSI C standard",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004003"
},
{
"db": "CNVD",
"id": "CNVD-2013-12784"
},
{
"db": "BID",
"id": "62086"
},
{
"db": "IVD",
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-62796"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2794",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-240-01",
"trust": 3.4
},
{
"db": "BID",
"id": "62086",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201308-537",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-12784",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004003",
"trust": 0.8
},
{
"db": "IVD",
"id": "B4D56C60-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-62796",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12784"
},
{
"db": "VULHUB",
"id": "VHN-62796"
},
{
"db": "BID",
"id": "62086"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-537"
},
{
"db": "NVD",
"id": "CVE-2013-2794"
}
]
},
"id": "VAR-201309-0201",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12784"
},
{
"db": "VULHUB",
"id": "VHN-62796"
}
],
"trust": 1.8659091
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12784"
}
]
},
"last_update_date": "2025-04-11T23:01:45.709000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks, Inc. DNP3 Master Source Code Library",
"trust": 0.8,
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
},
{
"title": "Triangle MicroWorks multiple products based on patches for serial local denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/39293"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12784"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004003"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62796"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004003"
},
{
"db": "NVD",
"id": "CVE-2013-2794"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-240-01"
},
{
"trust": 2.6,
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2794"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2794"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/62086"
},
{
"trust": 0.3,
"url": "http://www.trianglemicroworks.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12784"
},
{
"db": "VULHUB",
"id": "VHN-62796"
},
{
"db": "BID",
"id": "62086"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-537"
},
{
"db": "NVD",
"id": "CVE-2013-2794"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12784"
},
{
"db": "VULHUB",
"id": "VHN-62796"
},
{
"db": "BID",
"id": "62086"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-537"
},
{
"db": "NVD",
"id": "CVE-2013-2794"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-04T00:00:00",
"db": "IVD",
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-09-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12784"
},
{
"date": "2013-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-62796"
},
{
"date": "2013-08-28T00:00:00",
"db": "BID",
"id": "62086"
},
{
"date": "2013-09-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004003"
},
{
"date": "2013-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-537"
},
{
"date": "2013-09-09T11:39:08.443000",
"db": "NVD",
"id": "CVE-2013-2794"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12784"
},
{
"date": "2013-10-08T00:00:00",
"db": "VULHUB",
"id": "VHN-62796"
},
{
"date": "2013-08-28T00:00:00",
"db": "BID",
"id": "62086"
},
{
"date": "2013-09-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004003"
},
{
"date": "2014-06-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-537"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-2794"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "62086"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-537"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Triangle MicroWorks Service disruption in products (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004003"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "b4d56c60-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-537"
}
],
"trust": 0.8
}
}
VAR-201309-0200
Vulnerability from variot - Updated: 2025-04-11 23:01Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet. Triangle MicroWorks is a US-based company that uses single or third-party component products to communicate with peripherals/slave devices using various transport protocols (OPC Client, IEC 60870-6 (TASE.2/ICCP) Client, IEC 60870-5, DNP3, Modbus). Triangle MicroWorks multiple product-related IP-based devices incorrectly verify input, allowing an attacker to exploit a vulnerability to submit a specially crafted TCP message to cause the software to cause an infinite loop, causing the process to crash and requiring a manual reboot to get normal functionality. Multiple Triangle MicroWorks products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected device, denying service to legitimate users. Note: This issue affects the IP connected devices. SDG is a set of data acquisition and supervisory control system (SCADA) gateway products integrated in the server. DNP3 .NET Protocol components is a set of .NET framework components that support DNP3. DNP3 ANSI C source code libraries is a source code library based on the ANSI C standard
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0200",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.15.0000"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.15.0.369"
},
{
"model": ".net communication protocol components",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.06.0.171"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.00.0616"
},
{
"model": "ansi c source code libraries",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "3.06.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.50"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "trianglemicroworks",
"version": "2.50.0309"
},
{
"model": ".net protocol components",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "3.06.0.171 to 3.15.0.369"
},
{
"model": "ansi standard c source code libraries",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "3.06.0000 to 3.15.0000"
},
{
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "2.50.0309 to 3.00.0616"
},
{
"model": "microworks scada data gateway to",
"scope": "eq",
"trust": 0.6,
"vendor": "triangle",
"version": "2.50.03093.00.0616"
},
{
"model": "microworks dnp3 .net protocol components to",
"scope": "eq",
"trust": 0.6,
"vendor": "triangle",
"version": "3.06.0.1713.15.0.369"
},
{
"model": "microworks dnp3 ansi c source code libraries to",
"scope": "eq",
"trust": 0.6,
"vendor": "triangle",
"version": "3.06.00003.15.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.06.0.171"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "net communication protocol components",
"version": "3.15.0.369"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.06.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ansi c source code libraries",
"version": "3.15.0000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.50"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "2.50.0309"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scada data gateway",
"version": "3.00.0616"
}
],
"sources": [
{
"db": "IVD",
"id": "b4cce158-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004002"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-536"
},
{
"db": "NVD",
"id": "CVE-2013-2793"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:trianglemicroworks:.net_communication_protocol_components",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trianglemicroworks:ansi_c_source_code_libraries",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trianglemicroworks:scada_data_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004002"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adam Crain of Automatak and Chris Sistrunk",
"sources": [
{
"db": "BID",
"id": "62087"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-536"
}
],
"trust": 0.9
},
"cve": "CVE-2013-2793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-2793",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-12783",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "b4cce158-2352-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-62795",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-2793",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-2793",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2013-12783",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201308-536",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "b4cce158-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-62795",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b4cce158-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12783"
},
{
"db": "VULHUB",
"id": "VHN-62795"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004002"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-536"
},
{
"db": "NVD",
"id": "CVE-2013-2793"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet. Triangle MicroWorks is a US-based company that uses single or third-party component products to communicate with peripherals/slave devices using various transport protocols (OPC Client, IEC 60870-6 (TASE.2/ICCP) Client, IEC 60870-5, DNP3, Modbus). Triangle MicroWorks multiple product-related IP-based devices incorrectly verify input, allowing an attacker to exploit a vulnerability to submit a specially crafted TCP message to cause the software to cause an infinite loop, causing the process to crash and requiring a manual reboot to get normal functionality. Multiple Triangle MicroWorks products are prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the affected device, denying service to legitimate users. \nNote: This issue affects the IP connected devices. SDG is a set of data acquisition and supervisory control system (SCADA) gateway products integrated in the server. DNP3 .NET Protocol components is a set of .NET framework components that support DNP3. DNP3 ANSI C source code libraries is a source code library based on the ANSI C standard",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2793"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004002"
},
{
"db": "CNVD",
"id": "CNVD-2013-12783"
},
{
"db": "BID",
"id": "62087"
},
{
"db": "IVD",
"id": "b4cce158-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-62795"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2793",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-240-01",
"trust": 3.1
},
{
"db": "BID",
"id": "62087",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201308-536",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-12783",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004002",
"trust": 0.8
},
{
"db": "IVD",
"id": "B4CCE158-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-62795",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "b4cce158-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12783"
},
{
"db": "VULHUB",
"id": "VHN-62795"
},
{
"db": "BID",
"id": "62087"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004002"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-536"
},
{
"db": "NVD",
"id": "CVE-2013-2793"
}
]
},
"id": "VAR-201309-0200",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b4cce158-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12783"
},
{
"db": "VULHUB",
"id": "VHN-62795"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "b4cce158-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12783"
}
]
},
"last_update_date": "2025-04-11T23:01:45.670000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Triangle MicroWorks, Inc. DNP3 Master Source Code Library",
"trust": 0.8,
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
},
{
"title": "Triangle MicroWorks Multiple Products Patches for Denial of Service Vulnerabilities Based on IP-Specific TCP Packets",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/39294"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004002"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62795"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004002"
},
{
"db": "NVD",
"id": "CVE-2013-2793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-240-01"
},
{
"trust": 2.3,
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2793"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2793"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/62087"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12783"
},
{
"db": "VULHUB",
"id": "VHN-62795"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004002"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-536"
},
{
"db": "NVD",
"id": "CVE-2013-2793"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b4cce158-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12783"
},
{
"db": "VULHUB",
"id": "VHN-62795"
},
{
"db": "BID",
"id": "62087"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004002"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-536"
},
{
"db": "NVD",
"id": "CVE-2013-2793"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-04T00:00:00",
"db": "IVD",
"id": "b4cce158-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-09-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12783"
},
{
"date": "2013-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-62795"
},
{
"date": "2013-08-28T00:00:00",
"db": "BID",
"id": "62087"
},
{
"date": "2013-09-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004002"
},
{
"date": "2013-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-536"
},
{
"date": "2013-09-09T11:39:08.427000",
"db": "NVD",
"id": "CVE-2013-2793"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12783"
},
{
"date": "2013-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-62795"
},
{
"date": "2013-10-21T01:19:00",
"db": "BID",
"id": "62087"
},
{
"date": "2013-09-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004002"
},
{
"date": "2013-09-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-536"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-2793"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201308-536"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Triangle MicroWorks Service disruption in products (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004002"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "b4cce158-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-536"
}
],
"trust": 0.8
}
}
VAR-202004-0075
Vulnerability from variot - Updated: 2024-11-23 21:51Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets. Triangle MicroWorks Library for control systems provided by the company DNP3 Outstation Libraries , And data management applications for control systems SCADA Data Gateway The following vulnerabilities exist in. DNP3 Outstation Libraries * Stack-based buffer overflow (CWE-121) - CVE-2020-6966 SCADA Data Gateway * Wrong type (CWE-843) - CVE-2020-10611 * Out-of-bounds read (CWE-125) - CVE-2020-10613 * Stack-based buffer overflow (CWE-121) - CVE-2020-10615The expected impact depends on each vulnerability, but it may be affected as follows. * Code execution stopped by an unauthenticated remote third party - CVE-2020-6966 * Arbitrary code executed by an unauthenticated remote third party - CVE-2020-10611 * Sensitive information stolen by an unauthenticated remote third party - CVE-2020-10613 * Interfering with service operations by an unauthenticated remote third party (DoS) Be attacked - CVE-2020-10615. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of SYSTEM. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product of American Triangle MicroWorks company. The vulnerability stems from the lack of correct verification of user-provided data
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "scada data gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "4.0.122"
},
{
"_id": null,
"model": "scada data gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.41.0213"
},
{
"_id": null,
"model": "dnp3 outstation",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": ".net protocol components version 3.16.00 \u304b\u3089 3.25.01"
},
{
"_id": null,
"model": "dnp3 outstation",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "ansi c source code libraries version 3.16.00 \u304b\u3089 3.25.01"
},
{
"_id": null,
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "software version 2.41.0213 \u304b\u3089 4.0.122"
},
{
"_id": null,
"model": "scada data gateway",
"scope": null,
"trust": 0.7,
"vendor": "triangle microworks",
"version": null
},
{
"_id": null,
"model": "microworks scada data gateway",
"scope": "gte",
"trust": 0.6,
"vendor": "triangle",
"version": "3.02.0697,\u003c=4.0.122"
},
{
"_id": null,
"model": "microworks scada data gateway",
"scope": "gte",
"trust": 0.6,
"vendor": "triangle",
"version": "2.41.0213,\u003c=4.0.122"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-548"
},
{
"db": "CNVD",
"id": "CNVD-2020-28051"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "NVD",
"id": "CVE-2020-10613"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:trianglemicroworks:dnp3_outstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trianglemicroworks:scada_data_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
}
]
},
"credits": {
"_id": null,
"data": "Tobias Scharnowski, Niklas Breitfeld, and Ali Abbasi",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-548"
}
],
"trust": 0.7
},
"cve": "CVE-2020-10613",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10613",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-28051",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-163109",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10613",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 5.3,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10613",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2020-003486",
"trust": 1.6,
"value": "Critical"
},
{
"author": "IPA",
"id": "JVNDB-2020-003486",
"trust": 1.6,
"value": "High"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10613",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2020-10613",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-28051",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-947",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-163109",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-10613",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-548"
},
{
"db": "CNVD",
"id": "CNVD-2020-28051"
},
{
"db": "VULHUB",
"id": "VHN-163109"
},
{
"db": "VULMON",
"id": "CVE-2020-10613"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-947"
},
{
"db": "NVD",
"id": "CVE-2020-10613"
}
]
},
"description": {
"_id": null,
"data": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets. Triangle MicroWorks Library for control systems provided by the company DNP3 Outstation Libraries , And data management applications for control systems SCADA Data Gateway The following vulnerabilities exist in. DNP3 Outstation Libraries * Stack-based buffer overflow (CWE-121) - CVE-2020-6966 SCADA Data Gateway * Wrong type (CWE-843) - CVE-2020-10611 * Out-of-bounds read (CWE-125) - CVE-2020-10613 * Stack-based buffer overflow (CWE-121) - CVE-2020-10615The expected impact depends on each vulnerability, but it may be affected as follows. * Code execution stopped by an unauthenticated remote third party - CVE-2020-6966 * Arbitrary code executed by an unauthenticated remote third party - CVE-2020-10611 * Sensitive information stolen by an unauthenticated remote third party - CVE-2020-10613 * Interfering with service operations by an unauthenticated remote third party (DoS) Be attacked - CVE-2020-10615. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of SYSTEM. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product of American Triangle MicroWorks company. The vulnerability stems from the lack of correct verification of user-provided data",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10613"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "ZDI",
"id": "ZDI-20-548"
},
{
"db": "CNVD",
"id": "CNVD-2020-28051"
},
{
"db": "VULHUB",
"id": "VHN-163109"
},
{
"db": "VULMON",
"id": "CVE-2020-10613"
}
],
"trust": 2.97
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10613",
"trust": 3.9
},
{
"db": "ICS CERT",
"id": "ICSA-20-105-03",
"trust": 3.2
},
{
"db": "ZDI",
"id": "ZDI-20-548",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-20-105-02",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU93838113",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-10300",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202004-947",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-28051",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "47775",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1310",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-163109",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-10613",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-548"
},
{
"db": "CNVD",
"id": "CNVD-2020-28051"
},
{
"db": "VULHUB",
"id": "VHN-163109"
},
{
"db": "VULMON",
"id": "CVE-2020-10613"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-947"
},
{
"db": "NVD",
"id": "CVE-2020-10613"
}
]
},
"id": "VAR-202004-0075",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28051"
},
{
"db": "VULHUB",
"id": "VHN-163109"
}
],
"trust": 1.5636364
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28051"
}
]
},
"last_update_date": "2024-11-23T21:51:36.283000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Support Request: .NET Protocol Components",
"trust": 0.8,
"url": "https://www.trianglemicroworks.com/support/dotnet-protocol-components"
},
{
"title": "Support Request: Source Code Library",
"trust": 0.8,
"url": "https://www.trianglemicroworks.com/support/source-code-libraries"
},
{
"title": "Support Request: SCADA Data Gateway",
"trust": 0.8,
"url": "https://www.trianglemicroworks.com/support/scada-data-gateway"
},
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway buffer error vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217385"
},
{
"title": "Triangle MicroWorks SCADA Data Gateway Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117121"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-548"
},
{
"db": "CNVD",
"id": "CNVD-2020-28051"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-947"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-125",
"trust": 1.9
},
{
"problemtype": "CWE-121",
"trust": 0.8
},
{
"problemtype": "CWE-843",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163109"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "NVD",
"id": "CVE-2020-10613"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.5,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-548/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10611"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10613"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10615"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6996"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-02"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93838113/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47775"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10613"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1310/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179593"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-548"
},
{
"db": "CNVD",
"id": "CNVD-2020-28051"
},
{
"db": "VULHUB",
"id": "VHN-163109"
},
{
"db": "VULMON",
"id": "CVE-2020-10613"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-947"
},
{
"db": "NVD",
"id": "CVE-2020-10613"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-20-548",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2020-28051",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-163109",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2020-10613",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202004-947",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10613",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-04-16T00:00:00",
"db": "ZDI",
"id": "ZDI-20-548",
"ident": null
},
{
"date": "2020-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28051",
"ident": null
},
{
"date": "2020-04-15T00:00:00",
"db": "VULHUB",
"id": "VHN-163109",
"ident": null
},
{
"date": "2020-04-15T00:00:00",
"db": "VULMON",
"id": "CVE-2020-10613",
"ident": null
},
{
"date": "2020-04-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"ident": null
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-947",
"ident": null
},
{
"date": "2020-04-15T19:15:13.690000",
"db": "NVD",
"id": "CVE-2020-10613",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-04-16T00:00:00",
"db": "ZDI",
"id": "ZDI-20-548",
"ident": null
},
{
"date": "2020-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28051",
"ident": null
},
{
"date": "2020-04-22T00:00:00",
"db": "VULHUB",
"id": "VHN-163109",
"ident": null
},
{
"date": "2020-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2020-10613",
"ident": null
},
{
"date": "2020-04-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"ident": null
},
{
"date": "2020-08-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-947",
"ident": null
},
{
"date": "2024-11-21T04:55:42.027000",
"db": "NVD",
"id": "CVE-2020-10613",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-947"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Triangle MicroWorks SCADA Data Gateway buffer error vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28051"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-947"
}
],
"trust": 1.2
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-947"
}
],
"trust": 0.6
}
}
VAR-202004-0074
Vulnerability from variot - Updated: 2024-11-23 21:51Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets. Triangle MicroWorks Library for control systems provided by the company DNP3 Outstation Libraries , And data management applications for control systems SCADA Data Gateway The following vulnerabilities exist in. DNP3 Outstation Libraries * Stack-based buffer overflow (CWE-121) - CVE-2020-6966 SCADA Data Gateway * Wrong type (CWE-843) - CVE-2020-10611 * Out-of-bounds read (CWE-125) - CVE-2020-10613 * Stack-based buffer overflow (CWE-121) - CVE-2020-10615The expected impact depends on each vulnerability, but it may be affected as follows. * Code execution stopped by an unauthenticated remote third party - CVE-2020-6966 * Arbitrary code executed by an unauthenticated remote third party - CVE-2020-10611 * Sensitive information stolen by an unauthenticated remote third party - CVE-2020-10613 * Interfering with service operations by an unauthenticated remote third party (DoS) Be attacked - CVE-2020-10615. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product of American Triangle MicroWorks company
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "scada data gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "4.0.122"
},
{
"_id": null,
"model": "scada data gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.41.0213"
},
{
"_id": null,
"model": "dnp3 outstation",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": ".net protocol components version 3.16.00 \u304b\u3089 3.25.01"
},
{
"_id": null,
"model": "dnp3 outstation",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "ansi c source code libraries version 3.16.00 \u304b\u3089 3.25.01"
},
{
"_id": null,
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "software version 2.41.0213 \u304b\u3089 4.0.122"
},
{
"_id": null,
"model": "scada data gateway",
"scope": null,
"trust": 0.7,
"vendor": "triangle microworks",
"version": null
},
{
"_id": null,
"model": "microworks scada data gateway",
"scope": "gte",
"trust": 0.6,
"vendor": "triangle",
"version": "3.02.0697,\u003c=4.0.122"
},
{
"_id": null,
"model": "microworks scada data gateway",
"scope": "gte",
"trust": 0.6,
"vendor": "triangle",
"version": "2.41.0213,\u003c=4.0.122"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-549"
},
{
"db": "CNVD",
"id": "CNVD-2020-28050"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "NVD",
"id": "CVE-2020-10611"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:trianglemicroworks:dnp3_outstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trianglemicroworks:scada_data_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
}
]
},
"credits": {
"_id": null,
"data": "Tobias Scharnowski, Niklas Breitfeld, and Ali Abbasi",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-549"
}
],
"trust": 0.7
},
"cve": "CVE-2020-10611",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10611",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-28050",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-163107",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10611",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 5.3,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10611",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2020-003486",
"trust": 1.6,
"value": "Critical"
},
{
"author": "IPA",
"id": "JVNDB-2020-003486",
"trust": 1.6,
"value": "High"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10611",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2020-10611",
"trust": 0.7,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2020-28050",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-945",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-163107",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-10611",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-549"
},
{
"db": "CNVD",
"id": "CNVD-2020-28050"
},
{
"db": "VULHUB",
"id": "VHN-163107"
},
{
"db": "VULMON",
"id": "CVE-2020-10611"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-945"
},
{
"db": "NVD",
"id": "CVE-2020-10611"
}
]
},
"description": {
"_id": null,
"data": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets. Triangle MicroWorks Library for control systems provided by the company DNP3 Outstation Libraries , And data management applications for control systems SCADA Data Gateway The following vulnerabilities exist in. DNP3 Outstation Libraries * Stack-based buffer overflow (CWE-121) - CVE-2020-6966 SCADA Data Gateway * Wrong type (CWE-843) - CVE-2020-10611 * Out-of-bounds read (CWE-125) - CVE-2020-10613 * Stack-based buffer overflow (CWE-121) - CVE-2020-10615The expected impact depends on each vulnerability, but it may be affected as follows. * Code execution stopped by an unauthenticated remote third party - CVE-2020-6966 * Arbitrary code executed by an unauthenticated remote third party - CVE-2020-10611 * Sensitive information stolen by an unauthenticated remote third party - CVE-2020-10613 * Interfering with service operations by an unauthenticated remote third party (DoS) Be attacked - CVE-2020-10615. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product of American Triangle MicroWorks company",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10611"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "ZDI",
"id": "ZDI-20-549"
},
{
"db": "CNVD",
"id": "CNVD-2020-28050"
},
{
"db": "VULHUB",
"id": "VHN-163107"
},
{
"db": "VULMON",
"id": "CVE-2020-10611"
}
],
"trust": 2.97
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10611",
"trust": 3.9
},
{
"db": "ICS CERT",
"id": "ICSA-20-105-03",
"trust": 3.2
},
{
"db": "ZDI",
"id": "ZDI-20-549",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-20-105-02",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU93838113",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-10301",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202004-945",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-28050",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1310",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "47417",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-163107",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-10611",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-549"
},
{
"db": "CNVD",
"id": "CNVD-2020-28050"
},
{
"db": "VULHUB",
"id": "VHN-163107"
},
{
"db": "VULMON",
"id": "CVE-2020-10611"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-945"
},
{
"db": "NVD",
"id": "CVE-2020-10611"
}
]
},
"id": "VAR-202004-0074",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28050"
},
{
"db": "VULHUB",
"id": "VHN-163107"
}
],
"trust": 1.5636364
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28050"
}
]
},
"last_update_date": "2024-11-23T21:51:36.244000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Support Request: .NET Protocol Components",
"trust": 0.8,
"url": "https://www.trianglemicroworks.com/support/dotnet-protocol-components"
},
{
"title": "Support Request: Source Code Library",
"trust": 0.8,
"url": "https://www.trianglemicroworks.com/support/source-code-libraries"
},
{
"title": "Support Request: SCADA Data Gateway",
"trust": 0.8,
"url": "https://www.trianglemicroworks.com/support/scada-data-gateway"
},
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway Type Confusion Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217387"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-549"
},
{
"db": "CNVD",
"id": "CNVD-2020-28050"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-843",
"trust": 1.9
},
{
"problemtype": "CWE-121",
"trust": 0.8
},
{
"problemtype": "CWE-125",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163107"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "NVD",
"id": "CVE-2020-10611"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.5,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-549/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10611"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10613"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10615"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6996"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-02"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93838113/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10611"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47417"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1310/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/843.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179594"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-549"
},
{
"db": "CNVD",
"id": "CNVD-2020-28050"
},
{
"db": "VULHUB",
"id": "VHN-163107"
},
{
"db": "VULMON",
"id": "CVE-2020-10611"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-945"
},
{
"db": "NVD",
"id": "CVE-2020-10611"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-20-549",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2020-28050",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-163107",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2020-10611",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202004-945",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10611",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-04-16T00:00:00",
"db": "ZDI",
"id": "ZDI-20-549",
"ident": null
},
{
"date": "2020-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28050",
"ident": null
},
{
"date": "2020-04-15T00:00:00",
"db": "VULHUB",
"id": "VHN-163107",
"ident": null
},
{
"date": "2020-04-15T00:00:00",
"db": "VULMON",
"id": "CVE-2020-10611",
"ident": null
},
{
"date": "2020-04-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"ident": null
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-945",
"ident": null
},
{
"date": "2020-04-15T19:15:13.613000",
"db": "NVD",
"id": "CVE-2020-10611",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-04-16T00:00:00",
"db": "ZDI",
"id": "ZDI-20-549",
"ident": null
},
{
"date": "2020-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28050",
"ident": null
},
{
"date": "2020-04-22T00:00:00",
"db": "VULHUB",
"id": "VHN-163107",
"ident": null
},
{
"date": "2020-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2020-10611",
"ident": null
},
{
"date": "2020-04-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"ident": null
},
{
"date": "2020-08-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-945",
"ident": null
},
{
"date": "2024-11-21T04:55:41.810000",
"db": "NVD",
"id": "CVE-2020-10611",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-945"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural Triangle MicroWorks Product vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-945"
}
],
"trust": 0.6
}
}
VAR-202004-0076
Vulnerability from variot - Updated: 2024-11-23 21:51Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability. Triangle MicroWorks Library for control systems provided by the company DNP3 Outstation Libraries , And data management applications for control systems SCADA Data Gateway The following vulnerabilities exist in. DNP3 Outstation Libraries * Stack-based buffer overflow (CWE-121) - CVE-2020-6966 SCADA Data Gateway * Wrong type (CWE-843) - CVE-2020-10611 * Out-of-bounds read (CWE-125) - CVE-2020-10613 * Stack-based buffer overflow (CWE-121) - CVE-2020-10615The expected impact depends on each vulnerability, but it may be affected as follows. * Code execution stopped by an unauthenticated remote third party - CVE-2020-6966 * Arbitrary code executed by an unauthenticated remote third party - CVE-2020-10611 * Sensitive information stolen by an unauthenticated remote third party - CVE-2020-10613 * Interfering with service operations by an unauthenticated remote third party (DoS) Be attacked - CVE-2020-10615. An attacker can leverage this vulnerablity to execute code in the context of SYSTEM. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product of American Triangle MicroWorks company. The vulnerability stems from the program's failure to correctly verify the length of data provided by users. A remote attacker can use the specially crafted input to exploit the vulnerability and cause a denial of service
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "scada data gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "4.0.122"
},
{
"_id": null,
"model": "scada data gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "trianglemicroworks",
"version": "2.41.0213"
},
{
"_id": null,
"model": "dnp3 outstation",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": ".net protocol components version 3.16.00 \u304b\u3089 3.25.01"
},
{
"_id": null,
"model": "dnp3 outstation",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "ansi c source code libraries version 3.16.00 \u304b\u3089 3.25.01"
},
{
"_id": null,
"model": "scada data gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "triangle microworks",
"version": "software version 2.41.0213 \u304b\u3089 4.0.122"
},
{
"_id": null,
"model": "scada data gateway",
"scope": null,
"trust": 0.7,
"vendor": "triangle microworks",
"version": null
},
{
"_id": null,
"model": "microworks scada data gateway",
"scope": "gte",
"trust": 0.6,
"vendor": "triangle",
"version": "3.02.0697,\u003c=4.0.122"
},
{
"_id": null,
"model": "microworks scada data gateway",
"scope": "gte",
"trust": 0.6,
"vendor": "triangle",
"version": "2.41.0213,\u003c=4.0.122"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-547"
},
{
"db": "CNVD",
"id": "CNVD-2020-28052"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "NVD",
"id": "CVE-2020-10615"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:trianglemicroworks:dnp3_outstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trianglemicroworks:scada_data_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
}
]
},
"credits": {
"_id": null,
"data": "Incite Team: Steven Seeley and Chris Anastasio",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-547"
}
],
"trust": 0.7
},
"cve": "CVE-2020-10615",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10615",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-28052",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-163111",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10615",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 5.3,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-003486",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10615",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2020-003486",
"trust": 1.6,
"value": "Critical"
},
{
"author": "IPA",
"id": "JVNDB-2020-003486",
"trust": 1.6,
"value": "High"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10615",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2020-10615",
"trust": 0.7,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2020-28052",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-953",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-163111",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-547"
},
{
"db": "CNVD",
"id": "CNVD-2020-28052"
},
{
"db": "VULHUB",
"id": "VHN-163111"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-953"
},
{
"db": "NVD",
"id": "CVE-2020-10615"
}
]
},
"description": {
"_id": null,
"data": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability. Triangle MicroWorks Library for control systems provided by the company DNP3 Outstation Libraries , And data management applications for control systems SCADA Data Gateway The following vulnerabilities exist in. DNP3 Outstation Libraries * Stack-based buffer overflow (CWE-121) - CVE-2020-6966 SCADA Data Gateway * Wrong type (CWE-843) - CVE-2020-10611 * Out-of-bounds read (CWE-125) - CVE-2020-10613 * Stack-based buffer overflow (CWE-121) - CVE-2020-10615The expected impact depends on each vulnerability, but it may be affected as follows. * Code execution stopped by an unauthenticated remote third party - CVE-2020-6966 * Arbitrary code executed by an unauthenticated remote third party - CVE-2020-10611 * Sensitive information stolen by an unauthenticated remote third party - CVE-2020-10613 * Interfering with service operations by an unauthenticated remote third party (DoS) Be attacked - CVE-2020-10615. An attacker can leverage this vulnerablity to execute code in the context of SYSTEM. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product of American Triangle MicroWorks company. The vulnerability stems from the program\u0027s failure to correctly verify the length of data provided by users. A remote attacker can use the specially crafted input to exploit the vulnerability and cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10615"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "ZDI",
"id": "ZDI-20-547"
},
{
"db": "CNVD",
"id": "CNVD-2020-28052"
},
{
"db": "VULHUB",
"id": "VHN-163111"
}
],
"trust": 2.88
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10615",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-20-105-03",
"trust": 3.1
},
{
"db": "ZDI",
"id": "ZDI-20-547",
"trust": 2.4
},
{
"db": "ICS CERT",
"id": "ICSA-20-105-02",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU93838113",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-10266",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202004-953",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-28052",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1310",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "47381",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-163111",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-547"
},
{
"db": "CNVD",
"id": "CNVD-2020-28052"
},
{
"db": "VULHUB",
"id": "VHN-163111"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-953"
},
{
"db": "NVD",
"id": "CVE-2020-10615"
}
]
},
"id": "VAR-202004-0076",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28052"
},
{
"db": "VULHUB",
"id": "VHN-163111"
}
],
"trust": 1.5636364
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28052"
}
]
},
"last_update_date": "2024-11-23T21:51:36.202000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Support Request: .NET Protocol Components",
"trust": 0.8,
"url": "https://www.trianglemicroworks.com/support/dotnet-protocol-components"
},
{
"title": "Support Request: Source Code Library",
"trust": 0.8,
"url": "https://www.trianglemicroworks.com/support/source-code-libraries"
},
{
"title": "Support Request: SCADA Data Gateway",
"trust": 0.8,
"url": "https://www.trianglemicroworks.com/support/scada-data-gateway"
},
{
"title": "Triangle MicroWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"title": "Patch for Triangle MicroWorks SCADA Data Gateway buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217383"
},
{
"title": "Triangle MicroWorks SCADA Data Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117123"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-547"
},
{
"db": "CNVD",
"id": "CNVD-2020-28052"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-953"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-121",
"trust": 1.8
},
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-125",
"trust": 0.8
},
{
"problemtype": "CWE-843",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163111"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "NVD",
"id": "CVE-2020-10615"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"trust": 1.7,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-547/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10611"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10613"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10615"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6996"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-02"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93838113/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10615"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47381"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1310/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-547"
},
{
"db": "CNVD",
"id": "CNVD-2020-28052"
},
{
"db": "VULHUB",
"id": "VHN-163111"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-953"
},
{
"db": "NVD",
"id": "CVE-2020-10615"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-20-547",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2020-28052",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-163111",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202004-953",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10615",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-04-16T00:00:00",
"db": "ZDI",
"id": "ZDI-20-547",
"ident": null
},
{
"date": "2020-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28052",
"ident": null
},
{
"date": "2020-04-15T00:00:00",
"db": "VULHUB",
"id": "VHN-163111",
"ident": null
},
{
"date": "2020-04-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"ident": null
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-953",
"ident": null
},
{
"date": "2020-04-15T19:15:13.753000",
"db": "NVD",
"id": "CVE-2020-10615",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-04-16T00:00:00",
"db": "ZDI",
"id": "ZDI-20-547",
"ident": null
},
{
"date": "2020-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28052",
"ident": null
},
{
"date": "2020-04-22T00:00:00",
"db": "VULHUB",
"id": "VHN-163111",
"ident": null
},
{
"date": "2020-04-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003486",
"ident": null
},
{
"date": "2020-08-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-953",
"ident": null
},
{
"date": "2024-11-21T04:55:42.243000",
"db": "NVD",
"id": "CVE-2020-10615",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-953"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural Triangle MicroWorks Product vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003486"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-953"
}
],
"trust": 0.6
}
}
CVE-2022-0369 (GCVE-0-2022-0369)
Vulnerability from nvd – Published: 2024-05-07 22:54 – Updated: 2024-08-02 23:25
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the Restore Workspace feature. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17227.
Severity ?
7.2 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.01.01
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.01.01:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.01.01"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-0369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:07:32.283678Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T17:09:35.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:25:40.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-450",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-450/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.01.01"
}
]
}
],
"dateAssigned": "2022-01-25T16:23:37.257-06:00",
"datePublic": "2023-04-14T14:00:47.542-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the Restore Workspace feature. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17227."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-07T22:54:55.247Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-450",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-450/"
}
],
"source": {
"lang": "en",
"value": "Steven Seeley (mr_me) and Chris Anastasio (muffin) of Incite Team"
},
"title": "Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-0369",
"datePublished": "2024-05-07T22:54:55.247Z",
"dateReserved": "2022-01-25T22:22:48.663Z",
"dateUpdated": "2024-08-02T23:25:40.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39468 (GCVE-0-2023-39468)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 18:10
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the handling of DbasSectorFileToExecuteOnReset parameter. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20799.
Severity ?
7.2 (High)
CWE
- CWE-749 - Exposed Dangerous Method or Function
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.1.3.20324
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:19:46.064913Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:09.598Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1036",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1036/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.433-05:00",
"datePublic": "2023-08-04T13:44:48.544-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of DbasSectorFileToExecuteOnReset parameter. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20799."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:30.325Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1036",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1036/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Uri Katz of Claroty Team82"
},
"title": "Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39468",
"datePublished": "2024-05-03T01:59:30.325Z",
"dateReserved": "2023-08-02T21:37:23.123Z",
"dateUpdated": "2024-08-02T18:10:20.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39467 (GCVE-0-2023-39467)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 18:10
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the configuration of certificate web directory. The issue results from the exposure of sensitive information in the application webroot. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20798.
Severity ?
5.3 (Medium)
CWE
- CWE-219 - Storage of File with Sensitive Data Under Web Root
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.1.3.20324
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-07T19:22:23.242020Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:51.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1035",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1035/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.427-05:00",
"datePublic": "2023-08-04T13:43:42.003-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the configuration of certificate web directory. The issue results from the exposure of sensitive information in the application webroot. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20798."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-219",
"description": "CWE-219: Storage of File with Sensitive Data Under Web Root",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:29.616Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1035",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1035/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Uri Katz of Claroty Team82"
},
"title": "Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39467",
"datePublished": "2024-05-03T01:59:29.616Z",
"dateReserved": "2023-08-02T21:37:23.123Z",
"dateUpdated": "2024-08-02T18:10:20.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39466 (GCVE-0-2023-39466)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 18:10
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the get_config endpoint. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20797.
Severity ?
5.3 (Medium)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.1.3.20324
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:12:42.172392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T17:15:39.965Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1034",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1034/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.422-05:00",
"datePublic": "2023-08-04T13:42:39.807-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the get_config endpoint. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20797."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:28.811Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1034",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1034/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Uri Katz of Claroty Team82"
},
"title": "Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39466",
"datePublished": "2024-05-03T01:59:28.811Z",
"dateReserved": "2023-08-02T21:37:23.123Z",
"dateUpdated": "2024-08-02T18:10:20.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39465 (GCVE-0-2023-39465)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 18:10
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the TmwCrypto class. The issue results from the usage of a hard-coded cryptograhic key and the usage of a hard-coded certificate. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20615.
Severity ?
7.5 (High)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.1.3.20324
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39465",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-06T15:37:18.521094Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:05.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1033",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1033/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.416-05:00",
"datePublic": "2023-08-04T13:41:33.328-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the TmwCrypto class. The issue results from the usage of a hard-coded cryptograhic key and the usage of a hard-coded certificate. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20615."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:28.085Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1033",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1033/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Uri Katz of Claroty Team82"
},
"title": "Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39465",
"datePublished": "2024-05-03T01:59:28.085Z",
"dateReserved": "2023-08-02T21:37:23.122Z",
"dateUpdated": "2024-08-02T18:10:21.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39464 (GCVE-0-2023-39464)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 18:10
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the configuration of the GTWWebMonitorService service. The path to the service executable contains spaces not surrounded by quotations. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20538.
Severity ?
7.2 (High)
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.1.3.20324
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39464",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:13:49.483707Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:11.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1032",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1032/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.411-05:00",
"datePublic": "2023-08-04T13:40:15.323-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the configuration of the GTWWebMonitorService service. The path to the service executable contains spaces not surrounded by quotations. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20538."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428: Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:27.382Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1032",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1032/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Team ECQ"
},
"title": "Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39464",
"datePublished": "2024-05-03T01:59:27.382Z",
"dateReserved": "2023-08-02T21:37:23.122Z",
"dateUpdated": "2024-08-02T18:10:20.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39463 (GCVE-0-2023-39463)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 18:10
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the trusted certification feature. The issue lies in the handling of the OpcUaSecurityCertificateAuthorityTrustDir variable, which allows an arbitrary file write with attacker-controlled data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20537.
Severity ?
7.2 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.1.3.20324
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39463",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:16:15.340389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:02.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1031",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1031/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.406-05:00",
"datePublic": "2023-08-04T13:39:23.964-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the trusted certification feature. The issue lies in the handling of the OpcUaSecurityCertificateAuthorityTrustDir variable, which allows an arbitrary file write with attacker-controlled data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20537."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:26.598Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1031",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1031/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Team ECQ"
},
"title": "Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39463",
"datePublished": "2024-05-03T01:59:26.598Z",
"dateReserved": "2023-08-02T21:37:23.121Z",
"dateUpdated": "2024-08-02T18:10:20.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39462 (GCVE-0-2023-39462)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 18:10
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536.
Severity ?
6.5 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.1.3.20324
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39462",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:16:53.971929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:04.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1030",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1030/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.400-05:00",
"datePublic": "2023-08-04T13:37:32.567-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:25.792Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1030",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1030/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39462",
"datePublished": "2024-05-03T01:59:25.792Z",
"dateReserved": "2023-08-02T21:37:23.121Z",
"dateUpdated": "2024-08-02T18:10:20.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39461 (GCVE-0-2023-39461)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 18:10
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the handling of event logs. The issue results from improper sanitization of log output. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20535.
Severity ?
4.4 (Medium)
CWE
- CWE-117 - Improper Output Neutralization for Logs
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.1.3.20324
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39461",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T19:12:41.966123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:58.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1029",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1029/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.394-05:00",
"datePublic": "2023-08-04T13:37:00.078-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of event logs. The issue results from improper sanitization of log output. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20535."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-117",
"description": "CWE-117: Improper Output Neutralization for Logs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:25.080Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1029",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1029/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39461",
"datePublished": "2024-05-03T01:59:25.080Z",
"dateReserved": "2023-08-02T21:37:23.121Z",
"dateUpdated": "2024-08-02T18:10:20.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39460 (GCVE-0-2023-39460)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 18:10
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the creation of event logs. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20534.
Severity ?
7.2 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.1.3.20324
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39460",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:18:57.800496Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:58.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1028",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1028/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.388-05:00",
"datePublic": "2023-08-04T13:35:57.232-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the creation of event logs. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20534."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:24.376Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1028",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1028/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39460",
"datePublished": "2024-05-03T01:59:24.376Z",
"dateReserved": "2023-08-02T21:37:23.121Z",
"dateUpdated": "2024-08-02T18:10:20.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0369 (GCVE-0-2022-0369)
Vulnerability from cvelistv5 – Published: 2024-05-07 22:54 – Updated: 2024-08-02 23:25
VLAI?
Title
Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability
Summary
Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the Restore Workspace feature. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17227.
Severity ?
7.2 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Affected:
5.01.01
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.01.01:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.01.01"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-0369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:07:32.283678Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T17:09:35.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:25:40.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-450",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-450/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.01.01"
}
]
}
],
"dateAssigned": "2022-01-25T16:23:37.257-06:00",
"datePublic": "2023-04-14T14:00:47.542-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the Restore Workspace feature. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17227."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-07T22:54:55.247Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-450",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-450/"
}
],
"source": {
"lang": "en",
"value": "Steven Seeley (mr_me) and Chris Anastasio (muffin) of Incite Team"
},
"title": "Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-0369",
"datePublished": "2024-05-07T22:54:55.247Z",
"dateReserved": "2022-01-25T22:22:48.663Z",
"dateUpdated": "2024-08-02T23:25:40.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}