CVE-2023-30459

7.2 HIGH

📋 TL;DR

SmartPTT SCADA 1.1.0.0 allows authenticated administrators to execute arbitrary C# code on the server via the administrator control panel. This vulnerability enables remote code execution when an attacker has administrative access to the system. Organizations using SmartPTT SCADA 1.1.0.0 with administrator accounts exposed are affected.

💻 Affected Systems

Products:
  • SmartPTT SCADA
Versions: 1.1.0.0
Operating Systems: Windows (based on typical SCADA deployments)
Default Config Vulnerable: ⚠️ Yes
Notes: Requires administrator privileges to exploit. Default installation with administrator access enabled is vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the SCADA system, allowing attackers to execute arbitrary code, manipulate industrial processes, steal sensitive data, or disrupt operations.

🟠 Likely Case

Privileged attackers gaining persistent access to the SCADA server, potentially affecting connected industrial control systems.

🟢 If Mitigated

Limited impact if proper access controls restrict administrator accounts and network segmentation isolates the SCADA system.

🌐 Internet-Facing: HIGH if administrator interface is exposed to the internet, as attackers could exploit this after compromising admin credentials.
🏢 Internal Only: MEDIUM if administrator accounts are properly secured and monitored, though insider threats remain possible.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires administrator credentials. Public proof-of-concept code is available on GitHub.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://smartptt.com

Restart Required: No

Instructions:

Check vendor website for security updates. No official patch information is currently available.

🔧 Temporary Workarounds

Restrict Administrator Access

Limit administrator account access to trusted personnel only and implement strong authentication.

Network Segmentation

Isolate SmartPTT SCADA server from untrusted networks and restrict access to port 8101.

🧯 If You Can't Patch

  • Implement strict access controls for administrator accounts with multi-factor authentication.
  • Monitor and log all access to the administrator control panel on port 8101 for suspicious activity.

🔍 How to Verify

Check if Vulnerable:

Check if SmartPTT SCADA version is 1.1.0.0 and administrator control panel is accessible on port 8101.

Check Version:

Check application version in SmartPTT SCADA interface or installation directory.

Verify Fix Applied:

Verify that administrator access is properly restricted and no unauthorized code execution occurs.

📡 Detection & Monitoring

Log Indicators:

  • Unusual administrator login attempts
  • Unexpected C# script execution in server logs
  • Access to server settings from unauthorized IPs

Network Indicators:

  • Traffic to port 8101 from unexpected sources
  • Unusual outbound connections from SCADA server

SIEM Query:

source="smartptt" AND (event="admin_login" OR event="script_execution")
