CVE-2023-25407

7.2 HIGH

📋 TL;DR

The Aten PE8108 power distribution unit firmware version 2.4.232 has an access control vulnerability where restricted users can read administrator credentials. This allows unauthorized privilege escalation and complete system compromise. Organizations using this specific PDU firmware version are affected.

💻 Affected Systems

Products:
  • Aten PE8108 Power Distribution Unit
Versions: Firmware version 2.4.232
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the specific firmware version mentioned; other versions may not be vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers gain full administrative control over the PDU, enabling power cycling of connected equipment, configuration changes, and potential physical damage to infrastructure.

🟠 Likely Case

Unauthorized users escalate privileges to administrator level, gaining control over power management functions and potentially disrupting operations.

🟢 If Mitigated

With proper network segmentation and access controls, impact is limited to the PDU management interface only.

🌐 Internet-Facing: HIGH if PDU management interface is exposed to internet, as attackers can gain full control remotely.
🏢 Internal Only: MEDIUM as internal attackers or compromised accounts can escalate privileges to disrupt operations.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access as a restricted user, then simple API calls to retrieve admin credentials.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check with ATEN for updated firmware

Vendor Advisory: https://www.aten.com/global/en/support/security-advisory/

Restart Required: Yes

Instructions:

1. Check the ATEN website for firmware updates.
2. Download the latest firmware.
3. Upload it via the web interface.
4. Apply the update.
5. Reboot the PDU.

🔧 Temporary Workarounds

Network Segmentation (applies to: all)

Isolate the PDU management interface to trusted network segments only.

Access Control Lists (applies to: all)

Restrict access to the PDU management interface using firewall rules.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate PDU management interface
  • Monitor for unauthorized access attempts and credential access patterns

🔍 How to Verify

Check if Vulnerable:

Check firmware version in PDU web interface under System Information

Check Version:

Check via the web interface or SNMP (the OID below is sysDescr, which may include the firmware version): snmpwalk -v2c -c public <PDU_IP> 1.3.6.1.2.1.1.1

Verify Fix Applied:

Verify that the firmware version is newer than 2.4.232 and test that restricted users can no longer read administrator credentials.
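The version check above is easy to get wrong when done as a string comparison ("2.4.9" sorts after "2.4.232" lexically). The following added example, which is not part of the advisory or ATEN's own tooling, parses a dotted version out of an SNMP sysDescr string and classifies it against 2.4.232 as a tuple. It assumes the device's sysDescr contains a version such as "V2.4.232"; the sample strings are constructed, not captured from a real unit.

```python
"""Added example (not from the advisory or ATEN): classify a PE8108 firmware
version read from SNMP sysDescr (OID 1.3.6.1.2.1.1.1) against CVE-2023-25407.

Assumption: sysDescr contains a dotted version like "V2.4.232". The advisory
lists only 2.4.232 as affected and says a fix is verified by a version beyond
it, so three outcomes are distinguished plus "unknown" when no version parses.
"""
import re

AFFECTED_VERSION = (2, 4, 232)
# Optional leading V/v, then three numeric components. Constructed pattern.
VERSION_RE = re.compile(r"\b[Vv]?(\d+)\.(\d+)\.(\d+)\b")


def parse_version(sysdescr: str):
    """Return the version as an int tuple, or None if none is present."""
    m = VERSION_RE.search(sysdescr)
    if not m:
        return None
    return tuple(int(g) for g in m.groups())


def classify(sysdescr: str) -> str:
    """Compare numerically, component by component, never as strings."""
    v = parse_version(sysdescr)
    if v is None:
        return "unknown"
    if v == AFFECTED_VERSION:
        return "affected"
    if v > AFFECTED_VERSION:
        return "newer-than-affected"
    return "older-unlisted"  # not listed in the advisory; treat with caution


if __name__ == "__main__":
    # Constructed sample sysDescr strings, not real device output.
    for s in ["ATEN PE8108 V2.4.232", "ATEN PE8108 V2.4.9",
              "ATEN PE8108 V2.5.100", "ATEN PE8108"]:
        print(f"{s!r}: {classify(s)}")
```

Feed the function the sysDescr value returned by the snmpwalk command above (or the version shown under System Information in the web interface); a result of "affected" means the firmware update is still outstanding.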

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts followed by successful restricted user login
  • API calls to credential endpoints from non-admin accounts

Network Indicators:

  • Unusual HTTP requests to admin credential endpoints from non-admin IPs

SIEM Query:

source="PDU_logs" AND (event="credential_access" OR event="privilege_escalation")
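To show how the two log indicators listed above can be turned into detection logic, here is an added example that is not part of the advisory or ATEN's software. It runs over a constructed PDU web-access log in an assumed format ("timestamp user role method path status"); the credential endpoint path is a placeholder, since the advisory does not name the real one, and the failed-login threshold and window are illustrative choices.

```python
"""Added example (not from the advisory or ATEN): flag the log indicators for
CVE-2023-25407 in a constructed PDU web-access log.

Assumptions (all constructed, not taken from the product):
- Log line format: "<ISO timestamp> <user> <role> <method> <path> <status>"
- CREDENTIAL_ENDPOINTS holds a placeholder path; substitute the endpoint the
  real device uses for credential data.
- A "burst" is FAILED_LOGIN_THRESHOLD failures within FAILED_LOGIN_WINDOW.
"""
from collections import defaultdict
from datetime import datetime, timedelta

CREDENTIAL_ENDPOINTS = {"/api/PLACEHOLDER-credential-endpoint"}
FAILED_LOGIN_THRESHOLD = 3
FAILED_LOGIN_WINDOW = timedelta(minutes=5)

# Constructed sample log: bob fails three logins, succeeds, then reads the
# credential endpoint as a restricted user; alice is a legitimate admin.
SAMPLE_LOG = """\
2024-01-01T10:00:01Z alice admin GET /api/status 200
2024-01-01T10:00:05Z bob user POST /login 401
2024-01-01T10:00:09Z bob user POST /login 401
2024-01-01T10:00:12Z bob user POST /login 401
2024-01-01T10:00:20Z bob user POST /login 200
2024-01-01T10:00:31Z bob user GET /api/PLACEHOLDER-credential-endpoint 200
2024-01-01T10:01:00Z alice admin GET /api/PLACEHOLDER-credential-endpoint 200
2024-01-01T10:02:00Z carol user GET /api/outlets 200
"""


def parse_line(line: str) -> dict:
    """Split one access-log line into typed fields (assumed format)."""
    ts, user, role, method, path, status = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
        "user": user, "role": role, "method": method,
        "path": path, "status": int(status),
    }


def find_alerts(log_text: str) -> list:
    """Return (indicator, user, timestamp) tuples in event order."""
    events = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    alerts = []
    failures = defaultdict(list)  # user -> timestamps of recent 401s
    for ev in events:
        # Indicator: credential endpoint accessed by a non-admin account.
        if ev["path"] in CREDENTIAL_ENDPOINTS and ev["role"] != "admin":
            alerts.append(("credential_access_by_non_admin", ev["user"], ev["ts"]))
        # Indicator: burst of failed logins followed by a success.
        if ev["path"] == "/login":
            if ev["status"] == 401:
                failures[ev["user"]].append(ev["ts"])
            elif ev["status"] == 200:
                recent = [t for t in failures[ev["user"]]
                          if ev["ts"] - t <= FAILED_LOGIN_WINDOW]
                if len(recent) >= FAILED_LOGIN_THRESHOLD:
                    alerts.append(("login_after_failed_burst", ev["user"], ev["ts"]))
                failures[ev["user"]].clear()
    return alerts


if __name__ == "__main__":
    for indicator, user, ts in find_alerts(SAMPLE_LOG):
        print(f"{ts.isoformat()} {indicator} user={user}")
```

Admin accounts reading the credential endpoint (alice here) are intentionally not alerted on; the role check is what separates expected administrative use from the privilege-escalation pattern the advisory describes. The role field is assumed to come from the PDU's own session data; if the device does not log roles, join against an account inventory instead.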

🔗 References
