Detections
Analytics
Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d Authentication Bypass (CVE-2023-4957)
medium Tenable OT Security Plugin ID 502253
Synopsis
The remote OT asset is affected by a vulnerability.Description
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the setvarsResults.cgi file. For this vulnerability to be exploitable, the printers protected mode must be disabled.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Zebra printers running Link-OS v6.0 and later have a protected mode that protects the printer from this vulnerability. Activating this mode disables unauthorized changes and locks the current configuration until an administrator authorizes updates. By default, the secure mode is disabled as it is necessary to generate a password first.For more information about the protected mode and to apply it to Zebra printer products that may be affected, see the Link-OS Printer Administration Guide.
See Also
Plugin Details
Severity: Medium
ID: 502253
Version: 1.1
Type: remote
Family: Tenable.ot
Published: 5/6/2024
Updated: 5/7/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Low
Score: 1.4
CVSS v2
Risk Factor: Low
Base Score: 3.3
Temporal Score: 2.4
Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:P/A:N
CVSS Score Source: CVE-2023-4957
CVSS v3
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.8
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:zebra:zt410_firmware:-
Required KB Items: Tenable.ot/Zebra
Exploit Ease: No known exploits are available
Patch Publication Date: 10/11/2023
Vulnerability Publication Date: 10/11/2023
Reference Information
CVE: CVE-2023-4957
CWE: 288