Schneider Electric APC Easy UPS Online Monitoring Software Unauthenticated RMI Calls (CVE-2023-28411)

critical Nessus Plugin ID 176356

Synopsis

A web application is missing authentication for critical functions.

Description

The Schneider Electric APC Easy UPS Online Monitoring Software running on the remote host is missing authentication for critical functions. An unauthenticated, remote attacker can exploit this, via specially crafted messages, to invoke methods of remote Java objects via RMI.

Solution

Apply remediation in accordance with the vendor advisory.

See Also

http://www.nessus.org/u?a62b54f7

https://www.cisa.gov/news-events/ics-advisories/icsa-23-108-02

Plugin Details

Severity: Critical

ID: 176356

File Name: schneider_electric_ups_monitoring_software_unauth_rmi.nbin

Version: 1.15

Type: remote

Family: SCADA

Published: 5/25/2023

Updated: 5/20/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-29411

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:schneider-electric:apc_easy_ups_online_software

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 4/11/2023

Vulnerability Publication Date: 4/11/2023

Reference Information

CVE: CVE-2023-29411

ICSA: 23-108-02

TRA: TRA-2023-15

ZDI: ZDI-23-444