Details of VAR-202308-2037

ID

VAR-202308-2037

CVE

CVE-2023-39458

TITLE

Triangle MicroWorks of SCADA Data Gateway Vulnerability in using hard-coded credentials in

Trust: 0.8

sources: JVNDB: JVNDB-2023-029205

DESCRIPTION

Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of certificates. The service uses a hard-coded default SSL certificate. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20509

Trust: 2.79

sources: NVD: CVE-2023-39458 // JVNDB: JVNDB-2023-029205 // ZDI: ZDI-23-1026 // CNVD: CNVD-2024-36824

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-36824

AFFECTED PRODUCTS

vendor:	triangle microworks	model:	scada data gateway	scope:	-	version:	-	Trust: 1.5
vendor:	trianglemicroworks	model:	scada data gateway	scope:	eq	version:	5.1.3.20324	Trust: 1.0
vendor:	triangle microworks	model:	scada data gateway	scope:	eq	version:	5.1.3.20324	Trust: 0.8
vendor:	triangle microworks	model:	scada data gateway	scope:	eq	version:	-	Trust: 0.8
vendor:	triangle	model:	microworks scada data gateway	scope:	-	version:	-	Trust: 0.6

sources: ZDI: ZDI-23-1026 // CNVD: CNVD-2024-36824 // JVNDB: JVNDB-2023-029205 // NVD: CVE-2023-39458

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com:	CVE-2023-39458
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2023-029205
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2023-39458
value:	MEDIUM
Trust: 0.7
CNVD:	CNVD-2024-36824
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2024-36824
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:A/AC:H/AU:N/C:C/I:N/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.2
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

zdi-disclosures@trendmicro.com:	CVE-2023-39458
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.6
impactScore:	3.6
version:	3.0
Trust: 1.0
OTHER:	JVNDB-2023-029205
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2023-39458
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.6
impactScore:	3.6
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-23-1026 // CNVD: CNVD-2024-36824 // JVNDB: JVNDB-2023-029205 // NVD: CVE-2023-39458

PROBLEMTYPE DATA

problemtype:	CWE-798	Trust: 1.0
problemtype:	Use hard-coded credentials (CWE-798) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-029205 // NVD: CVE-2023-39458

PATCH

title:	Triangle MicroWorks has issued an update to correct this vulnerability.	url:	https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new	Trust: 0.7
title:	Patch for Triangle MicroWorks SCADA Data Gateway Hard-coded Authentication Bypass Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/585361	Trust: 0.6

sources: ZDI: ZDI-23-1026 // CNVD: CNVD-2024-36824

EXTERNAL IDS

db:	NVD	id:	CVE-2023-39458	Trust: 3.9
db:	ZDI	id:	ZDI-23-1026	Trust: 2.5
db:	JVNDB	id:	JVNDB-2023-029205	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-20509	Trust: 0.7
db:	CNVD	id:	CNVD-2024-36824	Trust: 0.6

sources: ZDI: ZDI-23-1026 // CNVD: CNVD-2024-36824 // JVNDB: JVNDB-2023-029205 // NVD: CVE-2023-39458

REFERENCES

url:	https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new	Trust: 2.5
url:	https://www.zerodayinitiative.com/advisories/zdi-23-1026/	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-39458	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-39458	Trust: 0.6

sources: ZDI: ZDI-23-1026 // CNVD: CNVD-2024-36824 // JVNDB: JVNDB-2023-029205 // NVD: CVE-2023-39458

CREDITS

Team ECQ

Trust: 0.7

sources: ZDI: ZDI-23-1026

SOURCES

db:	ZDI	id:	ZDI-23-1026
db:	CNVD	id:	CNVD-2024-36824
db:	JVNDB	id:	JVNDB-2023-029205
db:	NVD	id:	CVE-2023-39458

LAST UPDATE DATE

2025-06-20T23:06:59.521000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-23-1026	date:	2023-08-04T00:00:00
db:	CNVD	id:	CNVD-2024-36824	date:	2024-08-29T00:00:00
db:	JVNDB	id:	JVNDB-2023-029205	date:	2025-06-19T06:02:00
db:	NVD	id:	CVE-2023-39458	date:	2025-06-17T21:03:48.560

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-23-1026	date:	2023-08-04T00:00:00
db:	CNVD	id:	CNVD-2024-36824	date:	2024-08-29T00:00:00
db:	JVNDB	id:	JVNDB-2023-029205	date:	2025-06-19T00:00:00
db:	NVD	id:	CVE-2023-39458	date:	2024-05-03T03:15:10.823