CVE-2023-2187

Name of the Vulnerable Software and Affected Versions Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03

Description The issue is related to the lack of authentication for a critical function in the WebMonitor component of the SCADA Data Gateway. An unauthenticated attacker can send broadcast events to any user, allowing them to forcefully log out any currently logged-in user by sending a "password change event". Additionally, an attacker could use this vulnerability to spam logged-in users with false events. The vulnerability can be exploited by a remote attacker to bypass authentication procedures and potentially elevate privileges by sending specially crafted messages.

Recommendations For Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, consider disabling the WebMonitor component until a patch is available to prevent exploitation. Restrict access to the WebMonitor functionality to minimize the risk of unauthorized event sending. Avoid using the WebMonitor for critical operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.