IT之家 1 月 11 日消息,安全公司 Nozomi 本周二发布报告,称具备联网功能的扳手存在 23 个漏洞,在概念验证中可以安装勒索软件,导致扳手无法使用。
报告中涉及的扳手为博世力士乐手持式螺母拧紧器 NXA015S-36V-B,广泛应用于汽车制造行业,在正常工作的情况下,该扳手可以让工人快速将螺栓拧紧到特定的松紧度。
研究人员写道:
这些漏洞可以在设备上植入勒索软件,从而导致生产线停工,并可能给资产所有者造成大规模经济损失。
另一种利用方式可以让威胁者在操纵板载显示屏时劫持拧紧程序,对正在组装的产品造成难以察觉的损坏,或使其无法安全使用。
在论文中,研究人员获得了扳手的 root 权限,并安装了他们发明的一种名为“DR1LLCRYPT”的勒索软件。
研究人员表示:
这些联网扳手一旦被入侵,本地操作员就无法使用相关按钮,而且我们有能力让联网扳手完全无法运行。
我们可以改变图形用户界面(GUI),在屏幕上显示任意信息,要求支付赎金。鉴于这种攻击很容易在众多设备上实现自动化,攻击者可以迅速使生产线上的所有工具瘫痪,从而可能对最终资产所有者造成重大破坏。
IT之家附上漏洞列表如下:
| CVE ID | CWE | CVSS v3.1 Base Score | CVSS v3.1 Vector |
|---|---|---|---|
| CVE-2023-48252 | Improper Authorization (CWE-285) | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| CVE-2023-48253 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| CVE-2023-48243 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) | 8.1 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
| CVE-2023-48250 | Use of Hard-coded Credentials (CWE-798) | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CVE-2023-48251 | Use of Hard-coded Credentials (CWE-798) | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CVE-2023-48262 | Stack-based Buffer Overflow (CWE-121) | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CVE-2023-48263 | Heap-based Buffer Overflow (CWE-122) | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CVE-2023-48264 | Stack-based Buffer Overflow (CWE-121) | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CVE-2023-48265 | Stack-based Buffer Overflow (CWE-121) | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CVE-2023-48266 | Stack-based Buffer Overflow (CWE-121) | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CVE-2023-48257 | Use of Weak Credentials (CWE-1391) | 7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| CVE-2023-48242 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| CVE-2023-48245 | Missing Authorization (CWE-862) | 6.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
| CVE-2023-48246 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| CVE-2023-48249 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| CVE-2023-48255 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79) | 6.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
| CVE-2023-48248 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79) | 5.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L |
| CVE-2023-48258 | Cross-Site Request Forgery (CSRF) (CWE-352) | 5.5 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| CVE-2023-48244 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79) | 5.3 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
| CVE-2023-48247 | Missing Authorization (CWE-862) | 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| CVE-2023-48254 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79) | 5.3 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
| CVE-2023-48256 | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') (CWE-113) | 5.3 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
| CVE-2023-48259 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) | 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| CVE-2023-48260 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) | 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| CVE-2023-48261 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) | 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
广告声明:文内含有的对外跳转链接(包括不限于超链接、二维码、口令等形式),用于传递更多信息,节省甄选时间,结果仅供参考,IT之家所有文章均包含本声明。