CVE-2023-0595

A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA servers database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)

Weakness

The product does not neutralize or incorrectly neutralizes output that is written to logs.

Affected Software

Name	Vendor	Start Version	End Version
Clearscada	Schneider-electric	*	*
Ecostruxure_geo_scada_expert_2019	Schneider-electric	- (including)	- (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7268.1 (including)	81.7268.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7322.1 (including)	81.7322.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7429.2 (including)	81.7429.2 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7457.1 (including)	81.7457.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7488.1 (including)	81.7488.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7522.1 (including)	81.7522.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7545.1 (including)	81.7545.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7578.1 (including)	81.7578.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7613.1 (including)	81.7613.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7641.1 (including)	81.7641.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7690.1 (including)	81.7690.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7714.1 (including)	81.7714.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7742.1 (including)	81.7742.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7777.1 (including)	81.7777.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7808.2 (including)	81.7808.2 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7840.1 (including)	81.7840.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7875.1 (including)	81.7875.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7896.1 (including)	81.7896.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7936.1 (including)	81.7936.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.7980.1 (including)	81.7980.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.8015.1 (including)	81.8015.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.8108.2 (including)	81.8108.2 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.8122.1 (including)	81.8122.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.8155.1 (including)	81.8155.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.8172.1 (including)	81.8172.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.8197.1 (including)	81.8197.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.8220.1 (including)	81.8220.1 (including)
Ecostruxure_geo_scada_expert_2019	Schneider-electric	81.8267.1 (including)	81.8267.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	- (including)	- (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7551.1 (including)	83.7551.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7578.1 (including)	83.7578.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7613.1 (including)	83.7613.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7641.1 (including)	83.7641.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7692.1 (including)	83.7692.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7717.1 (including)	83.7717.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7742.1 (including)	83.7742.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7787.1 (including)	83.7787.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7809.1 (including)	83.7809.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7840.1 (including)	83.7840.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7875.1 (including)	83.7875.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7913.1 (including)	83.7913.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7936.2 (including)	83.7936.2 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.7980.2 (including)	83.7980.2 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.8017.1 (including)	83.8017.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.8108.1 (including)	83.8108.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.8122.2 (including)	83.8122.2 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.8155.1 (including)	83.8155.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.8181.1 (including)	83.8181.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.8197.1 (including)	83.8197.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.8221.1 (including)	83.8221.1 (including)
Ecostruxure_geo_scada_expert_2020	Schneider-electric	83.8267.1 (including)	83.8267.1 (including)
Ecostruxure_geo_scada_expert_2021	Schneider-electric	- (including)	- (including)
Ecostruxure_geo_scada_expert_2021	Schneider-electric	84.8027.1 (including)	84.8027.1 (including)
Ecostruxure_geo_scada_expert_2021	Schneider-electric	84.8108.1 (including)	84.8108.1 (including)
Ecostruxure_geo_scada_expert_2021	Schneider-electric	84.8120.1 (including)	84.8120.1 (including)
Ecostruxure_geo_scada_expert_2021	Schneider-electric	84.8158.1 (including)	84.8158.1 (including)
Ecostruxure_geo_scada_expert_2021	Schneider-electric	84.8182.1 (including)	84.8182.1 (including)
Ecostruxure_geo_scada_expert_2021	Schneider-electric	84.8197.1 (including)	84.8197.1 (including)
Ecostruxure_geo_scada_expert_2021	Schneider-electric	84.8218.1 (including)	84.8218.1 (including)
Ecostruxure_geo_scada_expert_2021	Schneider-electric	84.8269.1 (including)	84.8269.1 (including)

Extended Description

This can allow an attacker to forge log entries or inject malicious content into logs. Log forging vulnerabilities occur when:

Potential Mitigations

Assume all input is malicious. Use an “accept known good” input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, “boat” may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as “red” or “blue.”
Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code’s environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-045-01.pdf
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-045-01.pdf

NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-0595
CWE	https://cwe.mitre.org/data/definitions/117.html

Improper Output Neutralization for Logs

Weakness

Affected Software

Extended Description

Potential Mitigations

Related Attack Patterns

References