Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_JOHNSONCONTROLS_CVE-2023-4486.NASLHistoryDec 14, 2023 - 12:00 a.m.
Johnson Controls Metasys and Facility Explorer Uncontrolled Resource Consumption (CVE-2023-4486)
2023-12-1400:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
johnson controls metasys
facility explorer
uncontrolled resource consumption
cve-2023-4486
authentication
denial-of-service
update
johnson controls office
authorized building control specialists
product security advisory.
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.0%
Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(501833);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/04");
script_cve_id("CVE-2023-4486");
script_xref(name:"ICSA", value:"23-341-03");
script_name(english:"Johnson Controls Metasys and Facility Explorer Uncontrolled Resource Consumption (CVE-2023-4486)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"Under certain circumstances, invalid authentication credentials could
be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE,
and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility
Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause
denial-of-service.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-23-341-03");
script_set_attribute(attribute:"see_also", value:"https://www.johnsoncontrols.com/cyber-solutions/security-advisories");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
Johnson Controls recommends users update the products to the latest versions:
- Update Metasys NAE55 engines to version 11.0.6
- Update Metasys NAE55 engines to version 12.0.4
- Update Metasys SNE engines to version 11.0.6
- Update Metasys SNE engines to version 12.0.4
- Update Metasys SNC engines to version 11.0.6
- Update Metasys SNC engines to version 12.0.4
- Update Facility Explorer F4-SNC engine to version 11.0.6
- Update Facility Explorer F4-SNC engine to version 12.0.4
For more information, contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS).
For more detailed mitigation instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2023-08 v2.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-4486");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(400, 770);
script_set_attribute(attribute:"vuln_publication_date", value:"2023/12/07");
script_set_attribute(attribute:"patch_publication_date", value:"2023/12/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/12/14");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:johnsoncontrols:nae55_firmware");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/JohnsonControls");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/JohnsonControls');
var asset = tenable_ot::assets::get(vendor:'JohnsonControls');
var vuln_cpes = {
"cpe:/o:johnsoncontrols:nae55_firmware" :
{"versionEndExcluding" : "12.0.4", "family" : "MetasysNae"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
Related
prion
prion
Design/Logic Flaw
2023-12-07 20:15:00
cve
cve
CVE-2023-4486
2023-12-07 20:15:38
nvd
nvd
CVE-2023-4486
2023-12-07 20:15:38
cvelist
cvelist
ics
ics
Johnson Controls Metasys and Facility Explorer (Update A)
2023-12-19 12:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.0%
Related for TENABLE_OT_JOHNSONCONTROLS_CVE-2023-4486.NASL