CVE-2023-6248

CVSS V2 None CVSS V3 None

Description

The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 device connected to the cloud service. The MQTT server also leaks the location, video and diagnostic data from each connected device. An attacker who knows the IP address of the server is able to connect and perform the following operations: * Get location data of the vehicle the device is connected to * Send CAN bus messages via the ECU module ( https://syrus.digitalcomtech.com/docs/ecu-1 https://syrus.digitalcomtech.com/docs/ecu-1 ) * Immobilize the vehicle via the safe-immobilizer module ( https://syrus.digitalcomtech.com/docs/system-tools#safe-immobilization https://syrus.digitalcomtech.com/docs/system-tools#safe-immobilization ) * Get live video through the connected video camera * Send audio messages to the driver ( https://syrus.digitalcomtech.com/docs/system-tools#apx-tts https://syrus.digitalcomtech.com/docs/system-tools#apx-tts )

Overview

CVE ID
CVE-2023-6248

Assigner
ASRG

Vulnerability Status
PUBLISHED

Published Version
2023-11-21T21:49:35.831Z

Last Modified Date
2023-11-21T21:49:35.831Z

Weakness Enumerations

CWE	URL
CWE-287	http://cwe.mitre.org/data/definitions/287.html
CWE-319	http://cwe.mitre.org/data/definitions/319.html
CWE-200	http://cwe.mitre.org/data/definitions/200.html
CWE-94	http://cwe.mitre.org/data/definitions/94.html

References

Reference URL	Reference Tags
https://www.digitalcomtech.com/product/syrus-4g-iot-telematics-gateway/	product

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-6248
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6248

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 07:07:02				Added to TrackCVE