Vulnerabilites related to trianglemicroworks - scada_data_gateway
Vulnerability from fkie_nvd
Published
2013-09-09 11:39
Modified
2025-04-11 00:51
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | .net_communication_protocol_components | 3.06.0.171 | |
| trianglemicroworks | .net_communication_protocol_components | 3.15.0.369 | |
| trianglemicroworks | ansi_c_source_code_libraries | 3.06.0000 | |
| trianglemicroworks | ansi_c_source_code_libraries | 3.15.0000 | |
| trianglemicroworks | scada_data_gateway | 2.50 | |
| trianglemicroworks | scada_data_gateway | 2.50.0309 | |
| trianglemicroworks | scada_data_gateway | 3.00.0616 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.06.0.171:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDA2B53-1513-4DDF-B325-025FEFA5E16B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.15.0.369:*:*:*:*:*:*:*",
"matchCriteriaId": "045F45E6-DB41-4D65-968B-CD04596004D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.06.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "7DECC05A-BB49-47AD-841A-0D16582C3BD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.15.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB98E06-B56D-4168-A94C-8D7FCBA58FEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "D2626C47-B68A-4A21-B5A2-9D64A28A7120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50.0309:*:*:*:*:*:*:*",
"matchCriteriaId": "69D2B52D-B324-4115-A3BB-51E3BF97758B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0616:*:*:*:*:*:*:*",
"matchCriteriaId": "7C679459-44C7-454C-9894-87ABE1F710F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway 2.50.0309 hasta 3.00.0616 , Componentes de Protocolo DNP3 .NET 3.06.0.171 hasta 3.15.0.369 y Librer\u00edas C DNP3 3.06.0000 hasta 3.15.0000 permiten a un atacante remoto causar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de un paquete TCP DNP3 manipulado."
}
],
"id": "CVE-2013-2793",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-09T11:39:08.427",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01"
},
{
"source": "ics-cert@hq.dhs.gov",
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create files in the context of Administrator. Was ZDI-CAN-20531.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E52553E2-31EB-48D8-AB17-167CE092FB8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create files in the context of Administrator. Was ZDI-CAN-20531."
},
{
"lang": "es",
"value": "Vulnerabilidad de creaci\u00f3n de archivos arbitrarios Directory Traversal de puerta de enlace de datos SCADA de Triangle MicroWorks. Esta vulnerabilidad permite a atacantes remotos crear archivos arbitrarios en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el procesamiento de archivos del espacio de trabajo. El problema se debe a la falta de validaci\u00f3n adecuada de una ruta proporcionada por el usuario antes de usarla en operaciones de archivos. Un atacante puede aprovechar esta vulnerabilidad para crear archivos en el contexto del Administrador. Era ZDI-CAN-20531."
}
],
"id": "CVE-2023-39459",
"lastModified": "2025-06-17T21:03:44.860",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:10.987",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1027/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1027/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the TmwCrypto class. The issue results from the usage of a hard-coded cryptograhic key and the usage of a hard-coded certificate. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20615.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the TmwCrypto class. The issue results from the usage of a hard-coded cryptograhic key and the usage of a hard-coded certificate. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20615."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway Uso de vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n clave criptogr\u00e1fica codificada. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro de la clase TmwCrypto. El problema se debe al uso de una clave criptogr\u00e1fica codificada y el uso de un certificado codificado. Un atacante puede aprovechar esta vulnerabilidad para revelar informaci\u00f3n confidencial. Era ZDI-CAN-20615."
}
],
"id": "CVE-2023-39465",
"lastModified": "2025-06-17T21:03:22.110",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:12.030",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1033/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1033/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-321"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-30 23:55
Modified
2025-04-12 10:46
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A505671F-8C57-47A2-89D4-DC6186F5D7DA",
"versionEndIncluding": "3.00.0633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "D2626C47-B68A-4A21-B5A2-9D64A28A7120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50.0309:*:*:*:*:*:*:*",
"matchCriteriaId": "69D2B52D-B324-4115-A3BB-51E3BF97758B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.51:*:*:*:*:*:*:*",
"matchCriteriaId": "9406C4EC-5758-458D-8354-6736CA78A660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.53:*:*:*:*:*:*:*",
"matchCriteriaId": "EB915370-216E-40DC-AEF5-634230394E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0515:*:*:*:*:*:*:*",
"matchCriteriaId": "22E5498C-D5F0-43F7-A536-AB65B4DEB49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0516:*:*:*:*:*:*:*",
"matchCriteriaId": "2099DFC5-F241-4C47-9A17-FE40101A4570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0517:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E898A9-7F0E-453C-8509-75E7E1290382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0518:*:*:*:*:*:*:*",
"matchCriteriaId": "E513983A-C6A2-4E07-874B-880F7A013D53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0528:*:*:*:*:*:*:*",
"matchCriteriaId": "D6861F70-5798-4B41-BE94-BECCF16752BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0529:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5722CA-130A-46B3-9A30-9661069890AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0536:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E625A4-30E4-4D5B-81B2-B0B0569948DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0540:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6D03B5-2E8C-49E9-8A18-F367F72A4D50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0544:*:*:*:*:*:*:*",
"matchCriteriaId": "AF59F8E0-C4BA-4658-9B91-BACD59B9C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0545:*:*:*:*:*:*:*",
"matchCriteriaId": "BD36BB8A-C840-494B-835C-98EB0075CA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0552:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDB5301-887B-4950-A918-113B75D2BDE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0553:*:*:*:*:*:*:*",
"matchCriteriaId": "76BF9332-5F3E-4230-A742-2019B2DCEB22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0558:*:*:*:*:*:*:*",
"matchCriteriaId": "1610F5AE-3BB1-4BDB-8C88-A2B83DBE39C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0561:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2A4B7A-D8DA-4A1E-8506-A2D377E7568D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0562:*:*:*:*:*:*:*",
"matchCriteriaId": "90EA0A71-B4C7-4F54-A439-4B0FA9637410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0564:*:*:*:*:*:*:*",
"matchCriteriaId": "71B02213-096E-4CA2-8528-64E83EA06D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0565:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA1B917-A27E-4043-BD74-534B13916F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0566:*:*:*:*:*:*:*",
"matchCriteriaId": "378C61EE-9420-42D3-9DA2-71F2D459ACE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0567:*:*:*:*:*:*:*",
"matchCriteriaId": "CA21BE3B-6C2E-4479-A9A0-E3966741B832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0569:*:*:*:*:*:*:*",
"matchCriteriaId": "49C97936-8AF3-41D8-8D6B-F6C9C5F4B002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0570:*:*:*:*:*:*:*",
"matchCriteriaId": "D3175298-E0A4-4571-BDCC-FDA81675BC67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0571:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF8DF0-93D1-4ACA-BA78-B6DE0080AD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0572:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5F9B2-38C5-45AC-9A33-80E61BAF0E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0573:*:*:*:*:*:*:*",
"matchCriteriaId": "00666362-AD62-4942-96E8-C08BF087E34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0574:*:*:*:*:*:*:*",
"matchCriteriaId": "5BC82C89-7D15-452D-8610-23F3952487E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0575:*:*:*:*:*:*:*",
"matchCriteriaId": "3D15DD91-4F01-4B95-8F9A-C4848800BDBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0576:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF57506-CC34-473C-8165-CB26194E80BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0577:*:*:*:*:*:*:*",
"matchCriteriaId": "CC480C77-1950-4C3A-B77E-D2C2AC59FE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0578:*:*:*:*:*:*:*",
"matchCriteriaId": "2044B8C6-D0C6-4A1E-9798-19912FFAE097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0579:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4B1C5-CE06-4082-9534-513BB99D7D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0580:*:*:*:*:*:*:*",
"matchCriteriaId": "15E62697-E6BD-4796-9470-F6E125CD3F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0581:*:*:*:*:*:*:*",
"matchCriteriaId": "299D658E-143A-4556-A6FF-37EDA07828CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0582:*:*:*:*:*:*:*",
"matchCriteriaId": "7619010A-954E-4F5D-8DDB-0ED652E2A306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0583:*:*:*:*:*:*:*",
"matchCriteriaId": "C042A0EB-AB96-4FD2-A19E-4E9101C2C63C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0584:*:*:*:*:*:*:*",
"matchCriteriaId": "B8B7B997-4D7F-4A34-822A-3AF52A4FA715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0586:*:*:*:*:*:*:*",
"matchCriteriaId": "3E073D1B-4FBF-4DE2-AA5A-1EE8774D20FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0587:*:*:*:*:*:*:*",
"matchCriteriaId": "2285B98B-3E80-4C5B-9D7D-DA7C250FBAD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0588:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC58901-067E-485B-9723-9F344F306C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0589:*:*:*:*:*:*:*",
"matchCriteriaId": "E4583789-CC14-48BB-83B5-AF1B6896B10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0590:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEC3409-0CED-41A8-8718-B0EFCA85DA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0591:*:*:*:*:*:*:*",
"matchCriteriaId": "B4AEB67C-7DAF-44D2-BB32-FD9E86D8EA0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0592:*:*:*:*:*:*:*",
"matchCriteriaId": "383DA8F4-1DDD-43A9-8A53-721F5F449CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0594:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD95D30-4502-44EB-9C0C-D9A45CD24E5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0595:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F60297-9FA4-47F6-98AF-B9662568D76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0596:*:*:*:*:*:*:*",
"matchCriteriaId": "4E593FD2-7158-40D0-9F44-01C06BF96F06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0597:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A435F-8C6D-4584-8DB9-4A0C515F6D3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0598:*:*:*:*:*:*:*",
"matchCriteriaId": "5F210B77-F989-4931-AFBF-CEC2A175FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0599:*:*:*:*:*:*:*",
"matchCriteriaId": "36BBE6AE-BEE1-441B-A5A4-30BD7FCFBF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "F74C4546-500F-405C-B585-6F6C07065808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0612:*:*:*:*:*:*:*",
"matchCriteriaId": "948521F4-CA30-4269-8A98-96F9AD004150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0615:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9853CB-38CC-419D-A9F8-EDDA2F6CE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0616:*:*:*:*:*:*:*",
"matchCriteriaId": "7C679459-44C7-454C-9894-87ABE1F710F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0630:*:*:*:*:*:*:*",
"matchCriteriaId": "CD169173-9189-42BE-A741-955889E44FC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway anterior a 3.00.0635 permite a atacantes remotos causar una denegaci\u00f3n de servicio (procesamiento de datos excesivo) a trav\u00e9s de una paquete DNP3 manipulado."
}
],
"id": "CVE-2014-2342",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-30T23:55:02.707",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01"
},
{
"source": "ics-cert@hq.dhs.gov",
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the handling of event logs. The issue results from improper sanitization of log output. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20535.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of event logs. The issue results from improper sanitization of log output. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20535."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway Registro de eventos Neutralizaci\u00f3n de salida inadecuada para registros Vulnerabilidad de escritura de archivos arbitrarios. Esta vulnerabilidad permite a atacantes remotos escribir archivos arbitrarios en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. Aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, se puede omitir el mecanismo de autenticaci\u00f3n existente. La falla espec\u00edfica existe en el manejo de registros de eventos. El problema se debe a una sanitizaci\u00f3n inadecuada de la salida de registros. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo en el contexto ra\u00edz. Era ZDI-CAN-20535."
}
],
"id": "CVE-2023-39461",
"lastModified": "2025-06-17T21:03:37.467",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.7,
"impactScore": 3.6,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:11.363",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1029/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1029/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-117"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the configuration of the GTWWebMonitorService service. The path to the service executable contains spaces not surrounded by quotations. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20538.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the configuration of the GTWWebMonitorService service. The path to the service executable contains spaces not surrounded by quotations. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20538."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en ruta de b\u00fasqueda sin comillas. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. Aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, se puede omitir el mecanismo de autenticaci\u00f3n existente. La falla espec\u00edfica existe en la configuraci\u00f3n del servicio GTWWebMonitorService. La ruta al ejecutable del servicio contiene espacios que no est\u00e1n entre comillas. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el contexto de la ra\u00edz. Era ZDI-CAN-20538."
}
],
"id": "CVE-2023-39464",
"lastModified": "2025-06-17T21:03:26.297",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:11.870",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1032/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1032/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-15 19:15
Modified
2024-11-21 04:55
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-105-03 | Third Party Advisory, US Government Resource | |
| ics-cert@hq.dhs.gov | https://www.zerodayinitiative.com/advisories/ZDI-20-547/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-105-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-547/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F22582F-32D4-4E3A-AF76-CDB180CC0D03",
"versionEndIncluding": "4.0.122",
"versionStartIncluding": "2.41.0213",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway versiones 3.02.0697 hasta 4.0.122, versiones 2.41.0213 hasta 4.0.122, permite a atacantes remotos causar una condici\u00f3n de denegaci\u00f3n de servicio debido a la falta de una comprobaci\u00f3n apropiada de la longitud de datos suministrados por el usuario, antes de copiar en un b\u00fafer en la regi\u00f3n stack de la memoria de longitud fija. No es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad."
}
],
"id": "CVE-2020-10615",
"lastModified": "2024-11-21T04:55:42.243",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-15T19:15:13.753",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-547/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-547/"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-07 07:15
Modified
2024-11-21 07:58
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string vulnerability to repeatedly crash the GTWWebMonitor.exe process to DoS the Web Monitor. Furthermore, an authenticated user can leverage this vulnerability to leak memory from the GTWWebMonitor.exe process. This could be leveraged in an exploit chain to gain code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A763593D-AA02-4DF7-9D24-A88EB254594D",
"versionEndIncluding": "5.01.03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On Triangle MicroWorks\u0027 SCADA Data Gateway version \u003c= v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string vulnerability to repeatedly crash the GTWWebMonitor.exe process to DoS the Web Monitor. Furthermore, an authenticated user can leverage this vulnerability to leak memory from the GTWWebMonitor.exe process. This could be leveraged in an exploit chain to gain code execution."
}
],
"id": "CVE-2023-2186",
"lastModified": "2024-11-21T07:58:06.300",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-07T07:15:08.490",
"references": [
{
"source": "trellixpsirt@trellix.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.trellix.com/en-us/about/newsroom/stories/research/industrial-and-manufacturing-cves.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.trellix.com/en-us/about/newsroom/stories/research/industrial-and-manufacturing-cves.html"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-15 19:15
Modified
2024-11-21 04:55
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-105-03 | Third Party Advisory, US Government Resource | |
| ics-cert@hq.dhs.gov | https://www.zerodayinitiative.com/advisories/ZDI-20-548/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-105-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-548/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F22582F-32D4-4E3A-AF76-CDB180CC0D03",
"versionEndIncluding": "4.0.122",
"versionStartIncluding": "2.41.0213",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway versiones 3.02.0697 hasta 4.0.122, versiones 2.41.0213 hasta 4.0.122, permite a atacantes remotos divulgar informaci\u00f3n confidencial debido a la falta de comprobaci\u00f3n apropiada de los datos suministrados por el usuario, lo que puede resultar en una lectura m\u00e1s all\u00e1 del final de una estructura asignada. No es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad. Solo aplicable a instalaciones que utilizan DNP3 Data Sets."
}
],
"id": "CVE-2020-10613",
"lastModified": "2024-11-21T04:55:42.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-15T19:15:13.690",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-548/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-548/"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-30 23:55
Modified
2025-04-12 10:46
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service (excessive data processing) via a crafted DNP request over a serial line.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A505671F-8C57-47A2-89D4-DC6186F5D7DA",
"versionEndIncluding": "3.00.0633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "D2626C47-B68A-4A21-B5A2-9D64A28A7120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50.0309:*:*:*:*:*:*:*",
"matchCriteriaId": "69D2B52D-B324-4115-A3BB-51E3BF97758B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.51:*:*:*:*:*:*:*",
"matchCriteriaId": "9406C4EC-5758-458D-8354-6736CA78A660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.53:*:*:*:*:*:*:*",
"matchCriteriaId": "EB915370-216E-40DC-AEF5-634230394E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0515:*:*:*:*:*:*:*",
"matchCriteriaId": "22E5498C-D5F0-43F7-A536-AB65B4DEB49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0516:*:*:*:*:*:*:*",
"matchCriteriaId": "2099DFC5-F241-4C47-9A17-FE40101A4570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0517:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E898A9-7F0E-453C-8509-75E7E1290382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0518:*:*:*:*:*:*:*",
"matchCriteriaId": "E513983A-C6A2-4E07-874B-880F7A013D53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0528:*:*:*:*:*:*:*",
"matchCriteriaId": "D6861F70-5798-4B41-BE94-BECCF16752BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0529:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5722CA-130A-46B3-9A30-9661069890AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0536:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E625A4-30E4-4D5B-81B2-B0B0569948DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0540:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6D03B5-2E8C-49E9-8A18-F367F72A4D50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0544:*:*:*:*:*:*:*",
"matchCriteriaId": "AF59F8E0-C4BA-4658-9B91-BACD59B9C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0545:*:*:*:*:*:*:*",
"matchCriteriaId": "BD36BB8A-C840-494B-835C-98EB0075CA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0552:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDB5301-887B-4950-A918-113B75D2BDE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0553:*:*:*:*:*:*:*",
"matchCriteriaId": "76BF9332-5F3E-4230-A742-2019B2DCEB22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0558:*:*:*:*:*:*:*",
"matchCriteriaId": "1610F5AE-3BB1-4BDB-8C88-A2B83DBE39C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0561:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2A4B7A-D8DA-4A1E-8506-A2D377E7568D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0562:*:*:*:*:*:*:*",
"matchCriteriaId": "90EA0A71-B4C7-4F54-A439-4B0FA9637410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0564:*:*:*:*:*:*:*",
"matchCriteriaId": "71B02213-096E-4CA2-8528-64E83EA06D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0565:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA1B917-A27E-4043-BD74-534B13916F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0566:*:*:*:*:*:*:*",
"matchCriteriaId": "378C61EE-9420-42D3-9DA2-71F2D459ACE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0567:*:*:*:*:*:*:*",
"matchCriteriaId": "CA21BE3B-6C2E-4479-A9A0-E3966741B832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0569:*:*:*:*:*:*:*",
"matchCriteriaId": "49C97936-8AF3-41D8-8D6B-F6C9C5F4B002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0570:*:*:*:*:*:*:*",
"matchCriteriaId": "D3175298-E0A4-4571-BDCC-FDA81675BC67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0571:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF8DF0-93D1-4ACA-BA78-B6DE0080AD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0572:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5F9B2-38C5-45AC-9A33-80E61BAF0E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0573:*:*:*:*:*:*:*",
"matchCriteriaId": "00666362-AD62-4942-96E8-C08BF087E34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0574:*:*:*:*:*:*:*",
"matchCriteriaId": "5BC82C89-7D15-452D-8610-23F3952487E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0575:*:*:*:*:*:*:*",
"matchCriteriaId": "3D15DD91-4F01-4B95-8F9A-C4848800BDBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0576:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF57506-CC34-473C-8165-CB26194E80BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0577:*:*:*:*:*:*:*",
"matchCriteriaId": "CC480C77-1950-4C3A-B77E-D2C2AC59FE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0578:*:*:*:*:*:*:*",
"matchCriteriaId": "2044B8C6-D0C6-4A1E-9798-19912FFAE097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0579:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4B1C5-CE06-4082-9534-513BB99D7D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0580:*:*:*:*:*:*:*",
"matchCriteriaId": "15E62697-E6BD-4796-9470-F6E125CD3F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0581:*:*:*:*:*:*:*",
"matchCriteriaId": "299D658E-143A-4556-A6FF-37EDA07828CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0582:*:*:*:*:*:*:*",
"matchCriteriaId": "7619010A-954E-4F5D-8DDB-0ED652E2A306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0583:*:*:*:*:*:*:*",
"matchCriteriaId": "C042A0EB-AB96-4FD2-A19E-4E9101C2C63C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0584:*:*:*:*:*:*:*",
"matchCriteriaId": "B8B7B997-4D7F-4A34-822A-3AF52A4FA715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0586:*:*:*:*:*:*:*",
"matchCriteriaId": "3E073D1B-4FBF-4DE2-AA5A-1EE8774D20FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0587:*:*:*:*:*:*:*",
"matchCriteriaId": "2285B98B-3E80-4C5B-9D7D-DA7C250FBAD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0588:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC58901-067E-485B-9723-9F344F306C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0589:*:*:*:*:*:*:*",
"matchCriteriaId": "E4583789-CC14-48BB-83B5-AF1B6896B10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0590:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEC3409-0CED-41A8-8718-B0EFCA85DA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0591:*:*:*:*:*:*:*",
"matchCriteriaId": "B4AEB67C-7DAF-44D2-BB32-FD9E86D8EA0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0592:*:*:*:*:*:*:*",
"matchCriteriaId": "383DA8F4-1DDD-43A9-8A53-721F5F449CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0594:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD95D30-4502-44EB-9C0C-D9A45CD24E5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0595:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F60297-9FA4-47F6-98AF-B9662568D76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0596:*:*:*:*:*:*:*",
"matchCriteriaId": "4E593FD2-7158-40D0-9F44-01C06BF96F06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0597:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A435F-8C6D-4584-8DB9-4A0C515F6D3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0598:*:*:*:*:*:*:*",
"matchCriteriaId": "5F210B77-F989-4931-AFBF-CEC2A175FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0599:*:*:*:*:*:*:*",
"matchCriteriaId": "36BBE6AE-BEE1-441B-A5A4-30BD7FCFBF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "F74C4546-500F-405C-B585-6F6C07065808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0612:*:*:*:*:*:*:*",
"matchCriteriaId": "948521F4-CA30-4269-8A98-96F9AD004150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0615:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9853CB-38CC-419D-A9F8-EDDA2F6CE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0616:*:*:*:*:*:*:*",
"matchCriteriaId": "7C679459-44C7-454C-9894-87ABE1F710F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0630:*:*:*:*:*:*:*",
"matchCriteriaId": "CD169173-9189-42BE-A741-955889E44FC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service (excessive data processing) via a crafted DNP request over a serial line."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway anterior a 3.00.0635 permite a atacantes f\u00edsicamente pr\u00f3ximos causar una denegaci\u00f3n de servicio (procesamiento de datos excesivo) a trav\u00e9s de una solicitud DNP manipulada sobre una l\u00ednea de serie."
}
],
"id": "CVE-2014-2343",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-30T23:55:02.783",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01"
},
{
"source": "ics-cert@hq.dhs.gov",
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the get_config endpoint. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20797.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the get_config endpoint. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20797."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway get_config Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de autenticaci\u00f3n faltante. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del endpoint get_config. El problema se debe a la falta de autenticaci\u00f3n antes de permitir el acceso a la funcionalidad. Un atacante puede aprovechar esta vulnerabilidad para revelar informaci\u00f3n confidencial. Era ZDI-CAN-20797."
}
],
"id": "CVE-2023-39466",
"lastModified": "2025-06-17T21:03:18.190",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:12.193",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1034/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1034/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the trusted certification feature. The issue lies in the handling of the OpcUaSecurityCertificateAuthorityTrustDir variable, which allows an arbitrary file write with attacker-controlled data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20537.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the trusted certification feature. The issue lies in the handling of the OpcUaSecurityCertificateAuthorityTrustDir variable, which allows an arbitrary file write with attacker-controlled data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20537."
},
{
"lang": "es",
"value": "Certificaci\u00f3n confiable de Triangle MicroWorks SCADA Data Gateway Carga sin restricciones de archivos Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. Aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, se puede omitir el mecanismo de autenticaci\u00f3n existente. La falla espec\u00edfica existe dentro de la funci\u00f3n de certificaci\u00f3n confiable. El problema radica en el manejo de la variable OpcUaSecurityCertificateAuthorityTrustDir, que permite la escritura arbitraria de archivos con datos controlados por el atacante. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de SYSTEM. Era ZDI-CAN-20537."
}
],
"id": "CVE-2023-39463",
"lastModified": "2025-06-17T21:03:30.330",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:11.703",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1031/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1031/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-09 11:39
Modified
2025-04-11 00:51
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.06.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "7DECC05A-BB49-47AD-841A-0D16582C3BD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.07.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA92BB5-FEAC-4270-8FC4-65476D8258DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.08.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3A505C-89E2-4F5A-AC61-E036ABFC3322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.09.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "228B39FA-7B51-4AEE-986A-BD0AA3BA2FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.10.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "EA47CA21-A500-4B38-B103-58E224A39734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.11.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "C10643AE-4541-41DB-8ECF-D4CFD482628B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.12.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "9A0824BE-769F-439F-A8DC-97F6EBCB81E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.13.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "93B33FC8-D566-4BC8-97E2-3584BA9AC987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.14.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "DFFE40C1-8E33-4295-A0E0-2FA1F5BAF9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:ansi_c_source_code_libraries:3.15.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB98E06-B56D-4168-A94C-8D7FCBA58FEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.06.0.171:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDA2B53-1513-4DDF-B325-025FEFA5E16B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "12E48EA6-095F-49E5-B65E-A780C25C8FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.08.00:*:*:*:*:*:*:*",
"matchCriteriaId": "7D7B6492-A0B9-4D68-B39C-D4246A190638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.09.00:*:*:*:*:*:*:*",
"matchCriteriaId": "E240AFBC-0AF6-4406-B726-2DD7B1CE10AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.10.00:*:*:*:*:*:*:*",
"matchCriteriaId": "13026105-3803-44D8-A224-4BA454917231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB5DBE4-796A-4D17-8805-7DB725CCFB4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.14.00:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F5CDC3-ECE6-486D-AFB1-C570825202DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.15.00:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF26C3C-1E7B-4243-A5FF-CD80CCCA2FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:.net_communication_protocol_components:3.15.0.369:*:*:*:*:*:*:*",
"matchCriteriaId": "045F45E6-DB41-4D65-968B-CD04596004D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "D2626C47-B68A-4A21-B5A2-9D64A28A7120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50.0309:*:*:*:*:*:*:*",
"matchCriteriaId": "69D2B52D-B324-4115-A3BB-51E3BF97758B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.51:*:*:*:*:*:*:*",
"matchCriteriaId": "9406C4EC-5758-458D-8354-6736CA78A660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.53:*:*:*:*:*:*:*",
"matchCriteriaId": "EB915370-216E-40DC-AEF5-634230394E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0515:*:*:*:*:*:*:*",
"matchCriteriaId": "22E5498C-D5F0-43F7-A536-AB65B4DEB49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0516:*:*:*:*:*:*:*",
"matchCriteriaId": "2099DFC5-F241-4C47-9A17-FE40101A4570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0517:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E898A9-7F0E-453C-8509-75E7E1290382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0518:*:*:*:*:*:*:*",
"matchCriteriaId": "E513983A-C6A2-4E07-874B-880F7A013D53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0528:*:*:*:*:*:*:*",
"matchCriteriaId": "D6861F70-5798-4B41-BE94-BECCF16752BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0529:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5722CA-130A-46B3-9A30-9661069890AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0536:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E625A4-30E4-4D5B-81B2-B0B0569948DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0540:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6D03B5-2E8C-49E9-8A18-F367F72A4D50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0544:*:*:*:*:*:*:*",
"matchCriteriaId": "AF59F8E0-C4BA-4658-9B91-BACD59B9C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0545:*:*:*:*:*:*:*",
"matchCriteriaId": "BD36BB8A-C840-494B-835C-98EB0075CA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0552:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDB5301-887B-4950-A918-113B75D2BDE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0553:*:*:*:*:*:*:*",
"matchCriteriaId": "76BF9332-5F3E-4230-A742-2019B2DCEB22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0558:*:*:*:*:*:*:*",
"matchCriteriaId": "1610F5AE-3BB1-4BDB-8C88-A2B83DBE39C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0561:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2A4B7A-D8DA-4A1E-8506-A2D377E7568D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0562:*:*:*:*:*:*:*",
"matchCriteriaId": "90EA0A71-B4C7-4F54-A439-4B0FA9637410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0564:*:*:*:*:*:*:*",
"matchCriteriaId": "71B02213-096E-4CA2-8528-64E83EA06D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0565:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA1B917-A27E-4043-BD74-534B13916F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0566:*:*:*:*:*:*:*",
"matchCriteriaId": "378C61EE-9420-42D3-9DA2-71F2D459ACE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0567:*:*:*:*:*:*:*",
"matchCriteriaId": "CA21BE3B-6C2E-4479-A9A0-E3966741B832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0569:*:*:*:*:*:*:*",
"matchCriteriaId": "49C97936-8AF3-41D8-8D6B-F6C9C5F4B002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0570:*:*:*:*:*:*:*",
"matchCriteriaId": "D3175298-E0A4-4571-BDCC-FDA81675BC67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0571:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF8DF0-93D1-4ACA-BA78-B6DE0080AD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0572:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5F9B2-38C5-45AC-9A33-80E61BAF0E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0573:*:*:*:*:*:*:*",
"matchCriteriaId": "00666362-AD62-4942-96E8-C08BF087E34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0574:*:*:*:*:*:*:*",
"matchCriteriaId": "5BC82C89-7D15-452D-8610-23F3952487E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0575:*:*:*:*:*:*:*",
"matchCriteriaId": "3D15DD91-4F01-4B95-8F9A-C4848800BDBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0576:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF57506-CC34-473C-8165-CB26194E80BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0577:*:*:*:*:*:*:*",
"matchCriteriaId": "CC480C77-1950-4C3A-B77E-D2C2AC59FE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0578:*:*:*:*:*:*:*",
"matchCriteriaId": "2044B8C6-D0C6-4A1E-9798-19912FFAE097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0579:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4B1C5-CE06-4082-9534-513BB99D7D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0580:*:*:*:*:*:*:*",
"matchCriteriaId": "15E62697-E6BD-4796-9470-F6E125CD3F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0581:*:*:*:*:*:*:*",
"matchCriteriaId": "299D658E-143A-4556-A6FF-37EDA07828CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0582:*:*:*:*:*:*:*",
"matchCriteriaId": "7619010A-954E-4F5D-8DDB-0ED652E2A306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0583:*:*:*:*:*:*:*",
"matchCriteriaId": "C042A0EB-AB96-4FD2-A19E-4E9101C2C63C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0584:*:*:*:*:*:*:*",
"matchCriteriaId": "B8B7B997-4D7F-4A34-822A-3AF52A4FA715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0586:*:*:*:*:*:*:*",
"matchCriteriaId": "3E073D1B-4FBF-4DE2-AA5A-1EE8774D20FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0587:*:*:*:*:*:*:*",
"matchCriteriaId": "2285B98B-3E80-4C5B-9D7D-DA7C250FBAD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0588:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC58901-067E-485B-9723-9F344F306C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0589:*:*:*:*:*:*:*",
"matchCriteriaId": "E4583789-CC14-48BB-83B5-AF1B6896B10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0590:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEC3409-0CED-41A8-8718-B0EFCA85DA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0591:*:*:*:*:*:*:*",
"matchCriteriaId": "B4AEB67C-7DAF-44D2-BB32-FD9E86D8EA0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0592:*:*:*:*:*:*:*",
"matchCriteriaId": "383DA8F4-1DDD-43A9-8A53-721F5F449CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0594:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD95D30-4502-44EB-9C0C-D9A45CD24E5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0595:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F60297-9FA4-47F6-98AF-B9662568D76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0596:*:*:*:*:*:*:*",
"matchCriteriaId": "4E593FD2-7158-40D0-9F44-01C06BF96F06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0597:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A435F-8C6D-4584-8DB9-4A0C515F6D3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0598:*:*:*:*:*:*:*",
"matchCriteriaId": "5F210B77-F989-4931-AFBF-CEC2A175FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0599:*:*:*:*:*:*:*",
"matchCriteriaId": "36BBE6AE-BEE1-441B-A5A4-30BD7FCFBF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "F74C4546-500F-405C-B585-6F6C07065808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0616:*:*:*:*:*:*:*",
"matchCriteriaId": "7C679459-44C7-454C-9894-87ABE1F710F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway 2.50.0309 hasta 3.00.0616, Componentes de protocolo DNP3 .NET 3.06.0.171 hasta 3.15.0.369, y librer\u00edas C DNP3 3.06.0000 hasta 3.15.0000 permiten a un atacante con acceso f\u00edsico causar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de una entrada manipulada a trav\u00e9s de puerto serie."
}
],
"id": "CVE-2013-2794",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-09T11:39:08.443",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01"
},
{
"source": "ics-cert@hq.dhs.gov",
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:02
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the handling of DbasSectorFileToExecuteOnReset parameter. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20799.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of DbasSectorFileToExecuteOnReset parameter. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20799."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de funci\u00f3n peligrosa expuesta. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe en el manejo del par\u00e1metro DbasSectorFileToExecuteOnReset. El problema se debe a una funci\u00f3n peligrosa expuesta. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de SYSTEM. Era ZDI-CAN-20799."
}
],
"id": "CVE-2023-39468",
"lastModified": "2025-06-17T21:02:53.483",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:12.563",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1036/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1036/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-749"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of certificates. The service uses a hard-coded default SSL certificate. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20509.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of certificates. The service uses a hard-coded default SSL certificate. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20509."
},
{
"lang": "es",
"value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n de credenciales codificadas mediante el uso de la puerta de enlace de datos SCADA de Triangle MicroWorks. Esta vulnerabilidad permite a atacantes adyacentes a la red eludir la autenticaci\u00f3n en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe en el manejo de certificados. El servicio utiliza un certificado SSL predeterminado codificado. Un atacante puede aprovechar esta vulnerabilidad para eludir la autenticaci\u00f3n en el sistema. Era ZDI-CAN-20509."
}
],
"id": "CVE-2023-39458",
"lastModified": "2025-06-17T21:03:48.560",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:10.823",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1026/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1026/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-07 07:15
Modified
2024-11-21 07:58
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event". Furthermore, an attacker could use this vulnerability to spam the logged-in user with false events.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A763593D-AA02-4DF7-9D24-A88EB254594D",
"versionEndIncluding": "5.01.03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On Triangle MicroWorks\u0027 SCADA Data Gateway version \u003c= v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a \"password change event\". Furthermore, an attacker could use this vulnerability to spam the logged-in user with false events."
}
],
"id": "CVE-2023-2187",
"lastModified": "2024-11-21T07:58:06.437",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-07T07:15:08.740",
"references": [
{
"source": "trellixpsirt@trellix.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.trellix.com/en-us/about/newsroom/stories/research/industrial-and-manufacturing-cves.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.trellix.com/en-us/about/newsroom/stories/research/industrial-and-manufacturing-cves.html"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists due to the lack of user authentication. The issue results from missing authentication in the default system configuration. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20501.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists due to the lack of user authentication. The issue results from missing authentication in the default system configuration. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20501."
},
{
"lang": "es",
"value": "Vulnerabilidad de autenticaci\u00f3n faltante en la puerta de enlace de datos SCADA de Triangle MicroWorks. Esta vulnerabilidad permite a atacantes remotos evitar la autenticaci\u00f3n en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe debido a la falta de autenticaci\u00f3n del usuario. El problema se debe a la falta de autenticaci\u00f3n en la configuraci\u00f3n predeterminada del sistema. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el contexto de la ra\u00edz. Era ZDI-CAN-20501."
}
],
"id": "CVE-2023-39457",
"lastModified": "2025-06-17T21:03:54.923",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:10.647",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1025/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1025/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-15 19:15
Modified
2024-11-21 04:55
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-105-03 | Third Party Advisory, US Government Resource | |
| ics-cert@hq.dhs.gov | https://www.zerodayinitiative.com/advisories/ZDI-20-549/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-105-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-549/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F22582F-32D4-4E3A-AF76-CDB180CC0D03",
"versionEndIncluding": "4.0.122",
"versionStartIncluding": "2.41.0213",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets."
},
{
"lang": "es",
"value": "Triangle MicroWorks SCADA Data Gateway versiones 3.02.0697 hasta 4.0.122, versiones 2.41.0213 hasta 4.0.122, permite a atacantes remotos ejecutar c\u00f3digo arbitrario debido a la falta de comprobaci\u00f3n apropiada de los datos suministrados por el usuario, lo que puede causar una condici\u00f3n de confusi\u00f3n de tipos. No es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad. Solo aplicable a instalaciones que utilizan DNP3 Data Sets."
}
],
"id": "CVE-2020-10611",
"lastModified": "2024-11-21T04:55:41.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-15T19:15:13.613",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-549/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-549/"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the creation of event logs. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20534.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the creation of event logs. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20534."
},
{
"lang": "es",
"value": "Vulnerabilidad de creaci\u00f3n de archivos arbitrarios de recorrido de directorio de registro de eventos de puerta de enlace de datos SCADA de Triangle MicroWorks. Esta vulnerabilidad permite a atacantes remotos crear archivos arbitrarios en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. Aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, se puede omitir el mecanismo de autenticaci\u00f3n existente. La falla espec\u00edfica existe en la creaci\u00f3n de registros de eventos. El problema se debe a la falta de validaci\u00f3n adecuada de una ruta proporcionada por el usuario antes de usarla en operaciones de archivos. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo en el contexto ra\u00edz. Era ZDI-CAN-20534."
}
],
"id": "CVE-2023-39460",
"lastModified": "2025-06-17T21:03:41.000",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:11.157",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1028/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1028/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the configuration of certificate web directory. The issue results from the exposure of sensitive information in the application webroot. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20798.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the configuration of certificate web directory. The issue results from the exposure of sensitive information in the application webroot. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20798."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n del certificado SCADA Data Gateway de Triangle MicroWorks. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe en la configuraci\u00f3n del directorio web del certificado. El problema se debe a la exposici\u00f3n de informaci\u00f3n confidencial en la ra\u00edz web de la aplicaci\u00f3n. Un atacante puede aprovechar esta vulnerabilidad para revelar informaci\u00f3n confidencial. Era ZDI-CAN-20798."
}
],
"id": "CVE-2023-39467",
"lastModified": "2025-06-17T21:03:14.050",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:12.360",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1035/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1035/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-219"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-07 23:15
Modified
2025-08-14 01:39
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the Restore Workspace feature. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17227.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-23-450/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-23-450/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.01.01 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.01.01:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E967D-A1E2-455A-8E64-3E797D31E964",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the Restore Workspace feature. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17227."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo Directory Traversal de espacio de trabajo de restauraci\u00f3n de puerta de enlace de datos SCADA de Triangle MicroWorks. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. Aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, se puede omitir el mecanismo de autenticaci\u00f3n existente. La falla espec\u00edfica existe dentro de la funci\u00f3n Restaurar espacio de trabajo. El problema se debe a la falta de validaci\u00f3n adecuada de una ruta proporcionada por el usuario antes de usarla en operaciones de archivos. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de SYSTEM. Era ZDI-CAN-17227."
}
],
"id": "CVE-2022-0369",
"lastModified": "2025-08-14T01:39:13.400",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-07T23:15:14.490",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-450/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-450/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-06-17 21:03
Severity ?
Summary
Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trianglemicroworks | scada_data_gateway | 5.1.3.20324 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AC0B76-A64D-4650-AFF9-4B9AE5A8C4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536."
},
{
"lang": "es",
"value": "Vulnerabilidad de carga sin restricciones del espacio de trabajo de puerta de enlace de datos SCADA de Triangle MicroWorks. Esta vulnerabilidad permite a atacantes remotos cargar archivos arbitrarios en las instalaciones afectadas de Triangle MicroWorks SCADA Data Gateway. Aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, se puede omitir el mecanismo de autenticaci\u00f3n existente. La falla espec\u00edfica existe en el procesamiento de archivos del espacio de trabajo. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede permitir la carga de archivos arbitrarios. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto de la ra\u00edz. Era ZDI-CAN-20536."
}
],
"id": "CVE-2023-39462",
"lastModified": "2025-06-17T21:03:33.927",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:11.533",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1030/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1030/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
CVE-2020-10613 (GCVE-0-2020-10613)
Vulnerability from cvelistv5
Published
2020-04-15 18:30
Modified
2024-08-04 11:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - OUT-OF-BOUNDS READ
Summary
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 |
Version: Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-548/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "OUT-OF-BOUNDS READ CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T18:06:05",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-548/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122",
"version": {
"version_data": [
{
"version_value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OUT-OF-BOUNDS READ CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-548/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-548/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10613",
"datePublished": "2020-04-15T18:30:42",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39458 (GCVE-0-2023-39458)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-798 - Use of Hard-coded Credentials
Summary
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of certificates. The service uses a hard-coded default SSL certificate. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20509.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39458",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:17:39.486576Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:03.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1026",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1026/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.375-05:00",
"datePublic": "2023-08-04T13:32:39.881-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of certificates. The service uses a hard-coded default SSL certificate. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20509."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798: Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:22.784Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1026",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1026/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Team ECQ"
},
"title": "Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39458",
"datePublished": "2024-05-03T01:59:22.784Z",
"dateReserved": "2023-08-02T21:37:23.121Z",
"dateUpdated": "2024-08-02T18:10:20.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10611 (GCVE-0-2020-10611)
Vulnerability from cvelistv5
Published
2020-04-15 18:36
Modified
2024-08-04 11:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-843 - ACCESS OF RESOURCE USING INCOMPATIBLE TYPE ('TYPE CONFUSION')
Summary
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 |
Version: Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-549/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "ACCESS OF RESOURCE USING INCOMPATIBLE TYPE (\u0027TYPE CONFUSION\u0027) CWE-843",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T18:06:02",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-549/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122",
"version": {
"version_data": [
{
"version_value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ACCESS OF RESOURCE USING INCOMPATIBLE TYPE (\u0027TYPE CONFUSION\u0027) CWE-843"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-549/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-549/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10611",
"datePublished": "2020-04-15T18:36:16",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39465 (GCVE-0-2023-39465)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Summary
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the TmwCrypto class. The issue results from the usage of a hard-coded cryptograhic key and the usage of a hard-coded certificate. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20615.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39465",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-06T15:37:18.521094Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:05.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1033",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1033/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.416-05:00",
"datePublic": "2023-08-04T13:41:33.328-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the TmwCrypto class. The issue results from the usage of a hard-coded cryptograhic key and the usage of a hard-coded certificate. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20615."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:28.085Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1033",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1033/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Uri Katz of Claroty Team82"
},
"title": "Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39465",
"datePublished": "2024-05-03T01:59:28.085Z",
"dateReserved": "2023-08-02T21:37:23.122Z",
"dateUpdated": "2024-08-02T18:10:21.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39466 (GCVE-0-2023-39466)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the get_config endpoint. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20797.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:12:42.172392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T17:15:39.965Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1034",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1034/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.422-05:00",
"datePublic": "2023-08-04T13:42:39.807-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the get_config endpoint. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20797."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:28.811Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1034",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1034/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Uri Katz of Claroty Team82"
},
"title": "Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39466",
"datePublished": "2024-05-03T01:59:28.811Z",
"dateReserved": "2023-08-02T21:37:23.123Z",
"dateUpdated": "2024-08-02T18:10:20.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2186 (GCVE-0-2023-2186)
Vulnerability from cvelistv5
Published
2023-06-07 06:37
Modified
2025-01-06 20:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-134 - Use of Externally-Controlled Format String
Summary
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string vulnerability to repeatedly crash the GTWWebMonitor.exe process to DoS the Web Monitor. Furthermore, an authenticated user can leverage this vulnerability to leak memory from the GTWWebMonitor.exe process. This could be leveraged in an exploit chain to gain code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.01.03 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:20.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.trellix.com/en-us/about/newsroom/stories/research/industrial-and-manufacturing-cves.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2186",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-06T20:10:12.309182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-06T20:10:28.548Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.01.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sam Quinn"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "On Triangle MicroWorks\u0027 SCADA Data Gateway version \u0026lt;= v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string vulnerability to repeatedly crash the GTWWebMonitor.exe process to DoS the Web Monitor. Furthermore, an authenticated user can leverage this vulnerability to leak memory from the GTWWebMonitor.exe process. This could be leveraged in an exploit chain to gain code execution."
}
],
"value": "On Triangle MicroWorks\u0027 SCADA Data Gateway version \u003c= v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string vulnerability to repeatedly crash the GTWWebMonitor.exe process to DoS the Web Monitor. Furthermore, an authenticated user can leverage this vulnerability to leak memory from the GTWWebMonitor.exe process. This could be leveraged in an exploit chain to gain code execution."
}
],
"impacts": [
{
"capecId": "CAPEC-125",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-125 Flooding"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "CWE-134 Use of Externally-Controlled Format String",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-07T06:37:33.280Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"url": "https://www.trellix.com/en-us/about/newsroom/stories/research/industrial-and-manufacturing-cves.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2023-2186",
"datePublished": "2023-06-07T06:37:33.280Z",
"dateReserved": "2023-04-19T15:35:06.060Z",
"dateUpdated": "2025-01-06T20:10:28.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2794 (GCVE-0-2013-2794)
Vulnerability from cvelistv5
Published
2013-09-09 10:00
Modified
2024-09-17 02:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:19.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-09T10:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-2794",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01"
},
{
"name": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf",
"refsource": "CONFIRM",
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-2794",
"datePublished": "2013-09-09T10:00:00Z",
"dateReserved": "2013-04-11T00:00:00Z",
"dateUpdated": "2024-09-17T02:32:41.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39464 (GCVE-0-2023-39464)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-428 - Unquoted Search Path or Element
Summary
Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the configuration of the GTWWebMonitorService service. The path to the service executable contains spaces not surrounded by quotations. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20538.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39464",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:13:49.483707Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:11.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1032",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1032/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.411-05:00",
"datePublic": "2023-08-04T13:40:15.323-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the configuration of the GTWWebMonitorService service. The path to the service executable contains spaces not surrounded by quotations. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20538."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428: Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:27.382Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1032",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1032/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Team ECQ"
},
"title": "Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39464",
"datePublished": "2024-05-03T01:59:27.382Z",
"dateReserved": "2023-08-02T21:37:23.122Z",
"dateUpdated": "2024-08-02T18:10:20.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39457 (GCVE-0-2023-39457)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists due to the lack of user authentication. The issue results from missing authentication in the default system configuration. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20501.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:18:26.342775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:56.761Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1025",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1025/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.367-05:00",
"datePublic": "2023-08-04T13:14:52.000-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists due to the lack of user authentication. The issue results from missing authentication in the default system configuration. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20501."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:22.050Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1025",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1025/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39457",
"datePublished": "2024-05-03T01:59:22.050Z",
"dateReserved": "2023-08-02T21:37:23.120Z",
"dateUpdated": "2024-08-02T18:10:20.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39462 (GCVE-0-2023-39462)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Summary
Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39462",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:16:53.971929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:04.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1030",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1030/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.400-05:00",
"datePublic": "2023-08-04T13:37:32.567-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:25.792Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1030",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1030/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39462",
"datePublished": "2024-05-03T01:59:25.792Z",
"dateReserved": "2023-08-02T21:37:23.121Z",
"dateUpdated": "2024-08-02T18:10:20.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39467 (GCVE-0-2023-39467)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-219 - Storage of File with Sensitive Data Under Web Root
Summary
Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the configuration of certificate web directory. The issue results from the exposure of sensitive information in the application webroot. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20798.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-07T19:22:23.242020Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:51.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1035",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1035/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.427-05:00",
"datePublic": "2023-08-04T13:43:42.003-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the configuration of certificate web directory. The issue results from the exposure of sensitive information in the application webroot. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20798."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-219",
"description": "CWE-219: Storage of File with Sensitive Data Under Web Root",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:29.616Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1035",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1035/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Uri Katz of Claroty Team82"
},
"title": "Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39467",
"datePublished": "2024-05-03T01:59:29.616Z",
"dateReserved": "2023-08-02T21:37:23.123Z",
"dateUpdated": "2024-08-02T18:10:20.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39459 (GCVE-0-2023-39459)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create files in the context of Administrator. Was ZDI-CAN-20531.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39459",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-07T19:23:56.632854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:02.754Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1027",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1027/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.382-05:00",
"datePublic": "2023-08-04T13:33:53.589-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create files in the context of Administrator. Was ZDI-CAN-20531."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:23.567Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1027",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1027/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Li Jiantao, Ngo Wei Lin, Pan Zhenpeng of STAR Labs SG Pte. Ltd."
},
"title": "Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39459",
"datePublished": "2024-05-03T01:59:23.567Z",
"dateReserved": "2023-08-02T21:37:23.121Z",
"dateUpdated": "2024-08-02T18:10:20.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2342 (GCVE-0-2014-2342)
Vulnerability from cvelistv5
Published
2014-05-30 23:00
Modified
2024-08-06 10:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:25.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-30T23:57:00",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-2342",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new",
"refsource": "MISC",
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-2342",
"datePublished": "2014-05-30T23:00:00",
"dateReserved": "2014-03-13T00:00:00",
"dateUpdated": "2024-08-06T10:14:25.053Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39463 (GCVE-0-2023-39463)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Summary
Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the trusted certification feature. The issue lies in the handling of the OpcUaSecurityCertificateAuthorityTrustDir variable, which allows an arbitrary file write with attacker-controlled data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20537.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39463",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:16:15.340389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:02.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1031",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1031/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.406-05:00",
"datePublic": "2023-08-04T13:39:23.964-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the trusted certification feature. The issue lies in the handling of the OpcUaSecurityCertificateAuthorityTrustDir variable, which allows an arbitrary file write with attacker-controlled data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20537."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:26.598Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1031",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1031/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Team ECQ"
},
"title": "Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39463",
"datePublished": "2024-05-03T01:59:26.598Z",
"dateReserved": "2023-08-02T21:37:23.121Z",
"dateUpdated": "2024-08-02T18:10:20.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39461 (GCVE-0-2023-39461)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-117 - Improper Output Neutralization for Logs
Summary
Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the handling of event logs. The issue results from improper sanitization of log output. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20535.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39461",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T19:12:41.966123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:58.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1029",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1029/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.394-05:00",
"datePublic": "2023-08-04T13:37:00.078-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of event logs. The issue results from improper sanitization of log output. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20535."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-117",
"description": "CWE-117: Improper Output Neutralization for Logs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:25.080Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1029",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1029/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39461",
"datePublished": "2024-05-03T01:59:25.080Z",
"dateReserved": "2023-08-02T21:37:23.121Z",
"dateUpdated": "2024-08-02T18:10:20.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39468 (GCVE-0-2023-39468)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-749 - Exposed Dangerous Method or Function
Summary
Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the handling of DbasSectorFileToExecuteOnReset parameter. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20799.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:19:46.064913Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:09.598Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1036",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1036/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.433-05:00",
"datePublic": "2023-08-04T13:44:48.544-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of DbasSectorFileToExecuteOnReset parameter. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20799."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:30.325Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1036",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1036/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Uri Katz of Claroty Team82"
},
"title": "Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39468",
"datePublished": "2024-05-03T01:59:30.325Z",
"dateReserved": "2023-08-02T21:37:23.123Z",
"dateUpdated": "2024-08-02T18:10:20.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39460 (GCVE-0-2023-39460)
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the creation of event logs. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20534.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.1.3.20324 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.1.3.20324:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39460",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:18:57.800496Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:58.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1028",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1028/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.1.3.20324"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.388-05:00",
"datePublic": "2023-08-04T13:35:57.232-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the creation of event logs. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20534."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:24.376Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1028",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1028/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trianglemicroworks.com/products/scada-data-gateway/what\u0027s-new"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39460",
"datePublished": "2024-05-03T01:59:24.376Z",
"dateReserved": "2023-08-02T21:37:23.121Z",
"dateUpdated": "2024-08-02T18:10:20.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2187 (GCVE-0-2023-2187)
Vulnerability from cvelistv5
Published
2023-06-07 06:42
Modified
2025-01-06 21:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical function
Summary
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event". Furthermore, an attacker could use this vulnerability to spam the logged-in user with false events.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.01.03 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:20.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.trellix.com/en-us/about/newsroom/stories/research/industrial-and-manufacturing-cves.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-06T21:08:33.609789Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-06T21:08:41.518Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.01.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Philippe Laulheret"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "On Triangle MicroWorks\u0027 SCADA Data Gateway version \u0026lt;= v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a \"password change event\". Furthermore, an attacker could use this vulnerability to spam the logged-in user with false events."
}
],
"value": "On Triangle MicroWorks\u0027 SCADA Data Gateway version \u003c= v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a \"password change event\". Furthermore, an attacker could use this vulnerability to spam the logged-in user with false events."
}
],
"impacts": [
{
"capecId": "CAPEC-166",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-166 Force the System to Reset Values"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical function\u00a0",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-07T06:42:31.345Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"url": "https://www.trellix.com/en-us/about/newsroom/stories/research/industrial-and-manufacturing-cves.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2023-2187",
"datePublished": "2023-06-07T06:42:31.345Z",
"dateReserved": "2023-04-19T15:35:09.146Z",
"dateUpdated": "2025-01-06T21:08:41.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2793 (GCVE-0-2013-2793)
Vulnerability from cvelistv5
Published
2013-09-09 10:00
Modified
2024-09-16 23:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:19.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-09T10:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-2793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01"
},
{
"name": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf",
"refsource": "CONFIRM",
"url": "http://www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-2793",
"datePublished": "2013-09-09T10:00:00Z",
"dateReserved": "2013-04-11T00:00:00Z",
"dateUpdated": "2024-09-16T23:35:30.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2343 (GCVE-0-2014-2343)
Vulnerability from cvelistv5
Published
2014-05-30 23:00
Modified
2024-08-06 10:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service (excessive data processing) via a crafted DNP request over a serial line.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:25.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service (excessive data processing) via a crafted DNP request over a serial line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-30T23:57:00",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-2343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service (excessive data processing) via a crafted DNP request over a serial line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new",
"refsource": "MISC",
"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new"
},
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-2343",
"datePublished": "2014-05-30T23:00:00",
"dateReserved": "2014-03-13T00:00:00",
"dateUpdated": "2024-08-06T10:14:25.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10615 (GCVE-0-2020-10615)
Vulnerability from cvelistv5
Published
2020-04-15 18:28
Modified
2024-08-04 11:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - STACK-BASED BUFFER OVERFLOW
Summary
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 |
Version: Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-547/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "STACK-BASED BUFFER OVERFLOW CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T18:06:00",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-547/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122",
"version": {
"version_data": [
{
"version_value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-547/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-547/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10615",
"datePublished": "2020-04-15T18:28:01",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0369 (GCVE-0-2022-0369)
Vulnerability from cvelistv5
Published
2024-05-07 22:54
Modified
2024-08-02 23:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the Restore Workspace feature. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17227.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Triangle MicroWorks | SCADA Data Gateway |
Version: 5.01.01 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.01.01:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scada_data_gateway",
"vendor": "trianglemicroworks",
"versions": [
{
"status": "affected",
"version": "5.01.01"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-0369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:07:32.283678Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T17:09:35.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:25:40.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-450",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-450/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCADA Data Gateway",
"vendor": "Triangle MicroWorks",
"versions": [
{
"status": "affected",
"version": "5.01.01"
}
]
}
],
"dateAssigned": "2022-01-25T16:23:37.257-06:00",
"datePublic": "2023-04-14T14:00:47.542-05:00",
"descriptions": [
{
"lang": "en",
"value": "Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the Restore Workspace feature. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17227."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-07T22:54:55.247Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-450",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-450/"
}
],
"source": {
"lang": "en",
"value": "Steven Seeley (mr_me) and Chris Anastasio (muffin) of Incite Team"
},
"title": "Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-0369",
"datePublished": "2024-05-07T22:54:55.247Z",
"dateReserved": "2022-01-25T22:22:48.663Z",
"dateUpdated": "2024-08-02T23:25:40.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}