VDE-2024-063

Vulnerability from csaf_pepperlfuchsse - Published: 2024-10-08 12:00 - Updated: 2025-05-14 12:28
Summary
PEPPERL+FUCHS: Multiple products are affected by regreSSHion
Notes
Summary: The affected devices run a SSH server that is affected by the regreSSHion vulnerability despite the fact that no user can actually log in through SSH. Attackers may exploit this vulnerability to gain root access to the device.
Impact: An unauthenticated remote attacker can • read files from the device • modify or delete data on the device • can interrupt the device functionality
Remediation: Update to the Firmware version 1.15.0.0. A firmware update will be made available shortly on the corresponding product page on the Pepper+Fuchs Homepage.
CVE-2024-6387

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

8.1 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Vendor Fix Update to the Firmware version 1.15.0.0. A firmware update will be made available shortly on the corresponding product page on the Pepper+Fuchs Homepage.
References
Acknowledgments
CERT@VDE certvde.com
Pepperl+Fuchs SE pepperl-fuchs.com/cybersecurity
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "organization": "Pepperl+Fuchs SE",
        "summary": "reporting",
        "urls": [
          "https://pepperl-fuchs.com/cybersecurity"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "The affected devices run a SSH server that is affected by the regreSSHion vulnerability despite the fact that no user can actually log in through SSH. Attackers may exploit this vulnerability to gain root access to the device.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "An unauthenticated remote attacker can\n\n\u2022 read files from the device\n\n\u2022 modify or delete data on the device\n\n\u2022 can interrupt the device functionality\n",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Update to the Firmware version 1.15.0.0.\n\nA firmware update will be made available shortly on the corresponding product page on the Pepper+Fuchs Homepage.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "cert@pepperl-fuchs.com",
      "name": "Pepperl+Fuchs SE",
      "namespace": "https://www.pepperl-fuchs.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "Pepperl+Fuchs PSIRT",
        "url": "https://pepperl-fuchs.com/cybersecurity"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Pepperl+Fuchs SE",
        "url": "https://certvde.com/en/advisories/vendor/Pepperl+Fuchs"
      },
      {
        "category": "self",
        "summary": "VDE-2024-063: PEPPERL+FUCHS: Multiple products are affected by regreSSHion - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2024-063"
      },
      {
        "category": "self",
        "summary": "VDE-2024-063: PEPPERL+FUCHS: Multiple products are affected by regreSSHion - CSAF",
        "url": "https://pepperl-fuchs.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-063.json"
      }
    ],
    "title": "PEPPERL+FUCHS: Multiple products are affected by regreSSHion",
    "tracking": {
      "aliases": [
        "VDE-2024-063"
      ],
      "current_release_date": "2025-05-14T12:28:19.000Z",
      "generator": {
        "date": "2024-10-07T09:17:55.689Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.11"
        }
      },
      "id": "VDE-2024-063",
      "initial_release_date": "2024-10-08T12:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-10-02T10:00:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2024-11-06T11:27:01.000Z",
          "number": "2",
          "summary": "Fix: correct certvde domain, added self-reference"
        },
        {
          "date": "2025-05-14T12:28:19.000Z",
          "number": "3",
          "summary": "Fix: version space, added distribution"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_name",
                    "name": "VSE1000-F400-B12-A1000",
                    "product": {
                      "name": "VSE1000-F400-B12-A1000",
                      "product_id": "CSAFPID-11001",
                      "product_identification_helper": {
                        "model_numbers": [
                          "70123992-100000"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "VSE2000-F400-B12-A1000",
                    "product": {
                      "name": "VSE2000-F400-B12-A1000",
                      "product_id": "CSAFPID-11002",
                      "product_identification_helper": {
                        "model_numbers": [
                          "70123992-100001"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "VSE3000-F400-B12-A1000",
                    "product": {
                      "name": "VSE3000-F400-B12-A1000",
                      "product_id": "CSAFPID-11003",
                      "product_identification_helper": {
                        "model_numbers": [
                          "70123992-100002"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "VTE7500-F400-B12-A1500",
                    "product": {
                      "name": "VTE7500-F400-B12-A1500",
                      "product_id": "CSAFPID-11004",
                      "product_identification_helper": {
                        "model_numbers": [
                          "70123993-100000"
                        ]
                      }
                    }
                  }
                ],
                "category": "product_family",
                "name": "3D-Vision-Sensors"
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version",
                    "name": "1.15.0.0",
                    "product": {
                      "name": "Firmware 3D-Vision-Sensors 1.15.0.0",
                      "product_id": "CSAFPID-22001"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "\u003c1.15.0.0",
                    "product": {
                      "name": "Firmware 3D-Vision-Sensors \u003c1.15.0.0",
                      "product_id": "CSAFPID-21001"
                    }
                  }
                ],
                "category": "product_family",
                "name": "3D-Vision-Sensors"
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Pepperl+Fuchs"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004"
        ],
        "summary": "Fixed products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "FW \u003c1.15.0.0 installed on VSE1000-F400-B12-A1000",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "FW \u003c1.15.0.0 installed on VSE2000-F400-B12-A1000",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "FW \u003c1.15.0.0 installed on VSE3000-F400-B12-A1000",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "FW \u003c1.15.0.0 installed on VTE7500-F400-B12-A1500",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "FW 1.15.0.0 installed on VSE1000-F400-B12-A1000",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "FW 1.15.0.0 installed on VSE2000-F400-B12-A1000",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "FW 1.15.0.0 installed on VSE3000-F400-B12-A1000",
          "product_id": "CSAFPID-32003"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "FW 1.15.0.0 installed on VTE7500-F400-B12-A1500",
          "product_id": "CSAFPID-32004"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11003"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-6387",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to the Firmware version 1.15.0.0.\n\nA firmware update will be made available shortly on the corresponding product page on the Pepper+Fuchs Homepage.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.1,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 8.1,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2024-6387"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.