CVE-2023-22618
📋 TL;DR
This vulnerability in Nokia WaveLite products allows a local user to create new administrative accounts by manipulating requests to the web management interface when the Nokia Security Hardening guide has not been applied. It affects the WaveLite Metro 200, Metro 200 OPS and Metro 200 NE variants as shipped with Fan and F2B fan units. The root cause is improper access control (CWE-284): the interface does not restrict account creation to administrators.
💻 Affected Systems
- WaveLite Metro 200 and Fan
- WaveLite Metro 200 OPS and Fans
- WaveLite Metro 200 and F2B fans
- WaveLite Metro 200 OPS and F2B fans
- WaveLite Metro 200 NE and F2B fans
- WaveLite Metro 200 NE OPS and F2B fans
📦 What is this software?
Firmware for the Nokia WaveLite Metro 200 family (Metro 200, Metro 200 OPS and Metro 200 NE variants, bundled with Fan or F2B fan units).
⚠️ Risk & Real-World Impact
Worst Case
An attacker with local access gains full administrative control over the device, enabling complete system compromise, data exfiltration, and potential use as a pivot point into the network.
Likely Case
Local users escalate privileges to administrative level, allowing them to modify configurations, access sensitive data, and potentially disrupt network services.
If Mitigated
Devices configured according to Nokia's Security Hardening guide are not exposed; the guide covers the configuration that allows non-administrative users to create accounts.
🎯 Exploit Status
The attacker needs local access to the device and an ordinary (non-administrative) login, and tampers with requests sent to the web management interface. The CWE-284 (Improper Access Control) classification marks this as an authorization failure: the interface does not check that the requester is an administrator before creating an account.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: N/A - Configuration-based fix
Vendor Advisory: https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-22618/
Restart Required: No
Instructions:
1. Obtain the Nokia Security Hardening guide for WaveLite products.
2. Apply all the hardening measures it recommends.
3. In particular, confirm that access controls restrict account creation to administrative users.
4. Verify that the configuration changes are in effect (see "How to Verify" below).
🔧 Temporary Workarounds
Implement Security Hardening
Apply all security hardening guidelines from Nokia to restrict access and prevent unauthorized user creation
Network Segmentation
Restrict network access to WaveLite management interfaces to authorized administrative networks only
🧯 If You Can't Patch
- Implement strict network access controls to limit who can reach the WaveLite management interfaces
- Enable detailed logging and monitoring of user creation activities and web request patterns
🔍 How to Verify
Check if Vulnerable:
Compare the device configuration with the rules in Nokia's Security Hardening guide; a device where those rules are not applied is exposed. To confirm, in a controlled lab environment only, log in as a non-administrative user and submit a modified account-creation request to the web interface; if a new administrative account appears, the device is vulnerable.
Check Version:
There is no fixing firmware version for this issue; check the device configuration against Nokia's Security Hardening guide requirements instead.
Verify Fix Applied:
Confirm the hardening measures are in place, then repeat the controlled test above and confirm that account-creation requests from non-administrative sessions are rejected.
📡 Detection & Monitoring
Log Indicators:
- Unexpected user creation events
- Web requests attempting to create administrative accounts
- Failed authentication followed by successful privilege escalation
Network Indicators:
- Unusual web traffic patterns to device management interfaces
- Requests to user creation endpoints from unauthorized sources
SIEM Query:
source="wavelite-logs" AND event_type="user_creation"
The account-management URI of the web interface is not given on this page; once you have confirmed it from a captured legitimate request, add a uri_path clause for it rather than guessing endpoint names.
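The log indicators above, turned into detection logic. This is an added example for this page, not Nokia code and not a WaveLite log parser: the key=value audit format, the field names (event, src, actor_role, new_role), the management network 10.20.0.0/24 and the sample lines are all assumptions constructed for the example, so map them onto whatever your device actually emits. It flags three patterns: an account created by a non-administrative actor (the CVE's escalation path), an administrative account created from outside the management network, and an account created shortly after a failed login from the same source.

```python
"""Flag suspicious account-creation events in WaveLite management audit logs.

Added example, not Nokia code. The key=value line format and field names
are assumptions; adjust them to the real device log format.
"""
import ipaddress
import re
from datetime import datetime, timedelta

# Assumed management network; any other source is treated as unauthorized.
MGMT_NET = ipaddress.ip_network("10.20.0.0/24")
# A success this soon after a failed login from the same source is suspicious.
AUTH_FAIL_WINDOW = timedelta(minutes=10)

# Constructed sample audit lines (not real WaveLite output).
SAMPLE_LOG = """
ts=2024-03-01T09:00:01 src=10.20.0.5 actor=netops actor_role=admin event=user_create new_user=backup new_role=operator result=ok
ts=2024-03-01T09:05:12 src=10.20.0.77 actor=guest1 actor_role=user event=user_create new_user=svc_admin new_role=admin result=ok
ts=2024-03-01T09:10:00 src=192.168.50.9 actor=unknown event=auth_fail result=denied
ts=2024-03-01T09:12:30 src=192.168.50.9 actor=netops actor_role=admin event=user_create new_user=tmp new_role=admin result=ok
ts=2024-03-01T09:20:00 src=10.20.0.5 actor=netops actor_role=admin event=config_read result=ok
"""

KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_line(line):
    """Parse one key=value audit line into a dict; 'ts' becomes a datetime."""
    fields = {k: v.strip('"') for k, v in KV_RE.findall(line)}
    fields["ts"] = datetime.strptime(fields["ts"], "%Y-%m-%dT%H:%M:%S")
    return fields


def detect(lines):
    """Return (reason, event) tuples for suspicious account-creation events.

    Rules:
      1. an account is created by an actor whose session role is not admin
      2. an admin account is created from a source outside MGMT_NET
      3. an account is created within AUTH_FAIL_WINDOW of a failed login
         from the same source address
    """
    events = [parse_line(l) for l in lines if l.strip()]
    last_fail = {}  # source IP -> time of most recent failed login
    alerts = []
    for ev in events:
        if ev.get("event") == "auth_fail":
            last_fail[ev["src"]] = ev["ts"]
            continue
        if ev.get("event") != "user_create":
            continue
        src = ipaddress.ip_address(ev["src"])
        if ev.get("actor_role") != "admin":
            alerts.append(("non-admin actor created account", ev))
        if ev.get("new_role") == "admin" and src not in MGMT_NET:
            alerts.append(("admin account created from outside mgmt network", ev))
        failed_at = last_fail.get(ev["src"])
        if failed_at is not None and ev["ts"] - failed_at <= AUTH_FAIL_WINDOW:
            alerts.append(("account created shortly after failed login", ev))
    return alerts


if __name__ == "__main__":
    for reason, ev in detect(SAMPLE_LOG.splitlines()):
        print(f"{ev['ts']} {ev['src']} actor={ev.get('actor')} "
              f"new_user={ev.get('new_user')}: {reason}")
```

Run against the constructed sample, the legitimate operator-account creation from the management network produces nothing, the account created by a user-role session is flagged once, and the admin account created from 192.168.50.9 is flagged twice (outside the management network, and shortly after a failed login from that address). Rule 1 is the one that corresponds directly to this CVE; rules 2 and 3 cover the network indicator and the failed-authentication pattern listed above.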