Full Report
Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC before 23.3.0. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens has released a new version for RUGGEDCOM APE1808 and recommends updating to the latest version. Customers are advised to consult and implement the workarounds provided in Nozomi Networks' upstream security notifications.
Analysis Summary
# Vulnerability: Missing Authentication in Nozomi Guardian/CMC Affecting RUGGEDCOM APE1808
## CVE Details
- CVE ID: CVE-2023-5253
- CVSS Score: 5.3 (Medium)
- CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
## Affected Systems
- Products: RUGGEDCOM APE1808 running Nozomi Guardian / CMC
- Versions: All versions with Nozomi Guardian / CMC **before V23.3.0**
- Configurations: Affects the WebSocket channel used for the Check Point IoT integration.
## Vulnerability Description
The WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC lacks an authentication check. An unauthenticated remote attacker could use this flaw to obtain sensitive asset data.
## Exploitation
- Status: PoC available (based on the CVSS vector E:P - Proof of Concept)
- Complexity: Low (AV:N/AC:L/PR:N/UI:N)
- Attack Vector: Network
## Impact
- Confidentiality: Low (C:L - Partial loss of confidentiality)
- Integrity: No impact (I:N)
- Availability: No impact (A:N)
## Remediation
### Patches
- **Upgrade Nozomi Guardian / CMC to V23.4.1.**
- Customers should contact customer support to receive patch and update information for the RUGGEDCOM APE1808 firmware/software hosting these components.
### Workarounds
- Use internal firewall features to limit access to the web management interface.
- Implement general security measures to protect network access to the devices, following Siemens' operational guidelines for Industrial Security.
## Detection
- Monitor network traffic to the WebSocket channel used for the Check Point IoT integration for anomalous unauthenticated connections.
- Refer to the full Siemens advisory (SSA-665034) for specific product remediations defined in the "Affected Products and Solution" section.
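
One way to apply the monitoring described above, as an added example that is not part of the Siemens or Nozomi advisories: it scans access-log lines for accepted WebSocket upgrades (HTTP 101) on the integration path and flags those from outside an allowlist or without an authenticated user. The log format, the `WS_PATH` placeholder, the `ALLOWED` subnet and the sample lines are all assumptions.

```python
import ipaddress
import re

# Assumptions (not from the advisory): the web interface is fronted by a proxy
# writing combined-format access logs, WS_PATH is a placeholder for the
# integration's WebSocket path, and ALLOWED is the subnet of the Check Point
# gateway that is expected to connect.
WS_PATH = "/PLACEHOLDER-checkpoint-ws"
ALLOWED = [ipaddress.ip_network("10.20.0.0/28")]

LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def suspicious_upgrades(lines):
    """Return (src, timestamp, reason) for accepted upgrades worth triage."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if m is None or m["status"] != "101":
            continue  # malformed line, or not an accepted WebSocket upgrade
        if m["path"].split("?", 1)[0] != WS_PATH:
            continue  # some other endpoint
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # hostname instead of an address; resolve upstream
        reasons = []
        if not any(src in net for net in ALLOWED):
            reasons.append("source outside allowlist")
        if m["user"] == "-":
            reasons.append("no authenticated user")
        if reasons:
            findings.append((m["src"], m["ts"], ", ".join(reasons)))
    return findings

# Constructed sample log lines (documentation address ranges, placeholder path).
SAMPLE = [
    '10.20.0.5 - svc-checkpoint [12/Jan/2024:08:00:01 +0000] "GET /PLACEHOLDER-checkpoint-ws HTTP/1.1" 101 0',
    '192.0.2.44 - - [12/Jan/2024:08:03:17 +0000] "GET /PLACEHOLDER-checkpoint-ws HTTP/1.1" 101 0',
    '192.0.2.44 - - [12/Jan/2024:08:03:18 +0000] "GET /login HTTP/1.1" 200 5120',
    '10.20.0.5 - - [12/Jan/2024:08:05:40 +0000] "GET /PLACEHOLDER-checkpoint-ws?v=1 HTTP/1.1" 101 0',
    'not an access-log line',
]

if __name__ == "__main__":
    for finding in suspicious_upgrades(SAMPLE):
        print(*finding, sep=" | ")
```

The allowlist check mirrors the workaround of limiting access to the web management interface: an accepted upgrade from outside the allowlist means that restriction is not in effect.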
## References
- Vendor Advisories (Nozomi Networks): hxxps://security.nozominetworks.com/
- Siemens Security Advisory: SSA-665034
- Siemens Industrial Security Guidelines: hxxps://www.siemens.com/cert/operational-guidelines-industrial-security