VYPR
Unrated severity · NVD Advisory · Published Feb 15, 2023 · Updated Jan 16, 2025

CVE-2023-22803

Description

LS ELECTRIC XBC-DN32U firmware 01.80 lacks authentication for critical functions, allowing remote attackers to change PLC mode arbitrarily.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

LS ELECTRIC XBC-DN32U with operating system version 01.80 is affected by a missing authentication vulnerability for critical functions (CWE-306). The device does not require authentication to perform critical operations on the PLC, including changing the PLC's mode. This vulnerability is remotely exploitable with low attack complexity [1].

Exploitation

An attacker with network access to the PLC can send unauthenticated commands to change the PLC's operating mode arbitrarily. No prior authentication or user interaction is required. The attack can be carried out remotely over the network [1].

Impact

Successful exploitation allows an attacker to alter the PLC's mode, potentially causing a denial-of-service condition by disrupting normal control operations. The primary impact is on availability, with no direct impact on confidentiality or integrity for this specific vulnerability [1].

Mitigation

LS ELECTRIC has not released a firmware update to address this vulnerability as of the advisory date (February 2023). Organizations are advised to implement network segmentation and restrict access to the PLC to trusted hosts only, following defense-in-depth practices. The CISA advisory recommends contacting LS ELECTRIC for further guidance [1].

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Electricmonk/Xbc Dn32u (llm-fuzzy), 2 versions: = 01.80 + 1 more
    • (no CPE) range: = 01.80
    • (no CPE) range: Operating System Version 01.80

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

1
