Details of VAR-202306-0504

ID

VAR-202306-0504

CVE

CVE-2023-2186

TITLE

Triangle MicroWorks SCADA Data Gateway Format String Error Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2025-11453 // CNNVD: CNNVD-202306-536

DESCRIPTION

On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string vulnerability to repeatedly crash the GTWWebMonitor.exe process to DoS the Web Monitor. Furthermore, an authenticated user can leverage this vulnerability to leak memory from the GTWWebMonitor.exe process. This could be leveraged in an exploit chain to gain code execution. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks in the United States

Trust: 1.44

sources: NVD: CVE-2023-2186 // CNVD: CNVD-2025-11453

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-11453

AFFECTED PRODUCTS

vendor:	trianglemicroworks	model:	scada data gateway	scope:	lte	version:	5.01.03	Trust: 1.0
vendor:	triangle	model:	microworks scada data gateway	scope:	lte	version:	<=5.01.03	Trust: 0.6

sources: CNVD: CNVD-2025-11453 // NVD: CVE-2023-2186

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-2186
value:	CRITICAL
Trust: 1.0
trellixpsirt@trellix.com:	CVE-2023-2186
value:	HIGH
Trust: 1.0
CNVD:	CNVD-2025-11453
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202306-536
value:	CRITICAL
Trust: 0.6

CNVD:	CNVD-2025-11453
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2023-2186
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
trellixpsirt@trellix.com:	CVE-2023-2186
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.2
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2025-11453 // CNNVD: CNNVD-202306-536 // NVD: CVE-2023-2186 // NVD: CVE-2023-2186

PROBLEMTYPE DATA

problemtype:

CWE-134

Trust: 1.0

sources: NVD: CVE-2023-2186

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202306-536

TYPE

format string error

Trust: 0.6

sources: CNNVD: CNNVD-202306-536

PATCH

title:	Patch for Triangle MicroWorks SCADA Data Gateway Format String Error Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/694291	Trust: 0.6
title:	Triangle MicroWorks SCADA Data Gateway Fixes for formatting string error vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=242121	Trust: 0.6

sources: CNVD: CNVD-2025-11453 // CNNVD: CNNVD-202306-536

EXTERNAL IDS

db:	NVD	id:	CVE-2023-2186	Trust: 2.2
db:	CNVD	id:	CNVD-2025-11453	Trust: 0.6
db:	CNNVD	id:	CNNVD-202306-536	Trust: 0.6

sources: CNVD: CNVD-2025-11453 // CNNVD: CNNVD-202306-536 // NVD: CVE-2023-2186

REFERENCES

url:	https://www.trellix.com/en-us/about/newsroom/stories/research/industrial-and-manufacturing-cves.html	Trust: 2.2
url:	https://cxsecurity.com/cveshow/cve-2023-2186/	Trust: 0.6

sources: CNVD: CNVD-2025-11453 // CNNVD: CNNVD-202306-536 // NVD: CVE-2023-2186

SOURCES

db:	CNVD	id:	CNVD-2025-11453
db:	CNNVD	id:	CNNVD-202306-536
db:	NVD	id:	CVE-2023-2186

LAST UPDATE DATE

2025-06-08T23:18:12.835000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-11453	date:	2025-06-05T00:00:00
db:	CNNVD	id:	CNNVD-202306-536	date:	2023-06-19T00:00:00
db:	NVD	id:	CVE-2023-2186	date:	2023-06-16T18:05:53.933

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-11453	date:	2025-06-05T00:00:00
db:	CNNVD	id:	CNNVD-202306-536	date:	2023-06-07T00:00:00
db:	NVD	id:	CVE-2023-2186	date:	2023-06-07T07:15:08.490