CVE-2023-34672 – CVE-2023-34672 is an improper access control vu... (How to Fix)

Q: What is the severity of CVE-2023-34672?

CVE-2023-34672 has a CVSS score of 8.8 (HIGH). CVE-2023-34672 is an improper access control vulnerability in Elenos ETG150 FM transmitters running version 3.12 that allows attackers with admin profile access to add high-privilege users. This could lead to unauthorized administrative control over the transmitter. Organizations using affected Elenos ETG150 transmitters with version 3.12 are vulnerable.

📋 TL;DR

CVE-2023-34672 is an improper access control vulnerability in Elenos ETG150 FM transmitters running version 3.12 that allows attackers with admin profile access to add high-privilege users. This could lead to unauthorized administrative control over the transmitter. Organizations using affected Elenos ETG150 transmitters with version 3.12 are vulnerable.

💻 Affected Systems

Products:

Elenos ETG150 FM transmitter

Versions: Version 3.12

Operating Systems: Embedded system specific to Elenos ETG150

Default Config Vulnerable: ⚠️ Yes

Notes: Requires attacker to have access to admin profile, but improper access control allows privilege escalation within that context.

📦 What is this software?

Etg150 Firmware by Elenos

View all CVEs affecting Etg150 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the FM transmitter allowing attackers to modify broadcast content, disrupt operations, or use the device as a foothold into broadcast networks.

🟠

Likely Case

Unauthorized administrative access leading to configuration changes, service disruption, or data exfiltration from the transmitter system.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing external exploitation.

🌐 Internet-Facing: HIGH - The description notes attacks could occur over public Internet in some cases, making exposed devices particularly vulnerable.

🏢 Internal Only: MEDIUM - Internal attackers with admin access could exploit this, but requires some level of initial access.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires admin access but the vulnerability allows privilege escalation from that position. Public PoC documentation exists.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://elenos.com

Restart Required: No

Instructions:

Check Elenos website for security updates. If patch available, follow vendor instructions for updating ETG150 firmware.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate ETG150 transmitters from public Internet and restrict access to management interfaces.

Access Control Hardening

all

Implement strict access controls, multi-factor authentication, and monitor admin account activities.

🧯 If You Can't Patch

Implement network segmentation to isolate transmitters from untrusted networks
Monitor for suspicious admin account creation or privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check device firmware version via web interface or console. If version is 3.12, device is vulnerable.

Check Version:

Check via device web interface at System > About or similar menu

Verify Fix Applied:

Verify firmware version has been updated beyond 3.12 per vendor guidance.

📡 Detection & Monitoring

Log Indicators:

Unexpected user account creation
Admin privilege changes
Failed authentication attempts followed by successful admin actions

Network Indicators:

Unauthorized access to admin interfaces
Traffic to/from transmitter management ports from unexpected sources

SIEM Query:

source="elenos-transmitter" AND (event_type="user_created" OR event_type="privilege_change")

📊 Metadata

CVE ID: CVE-2023-34672

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-281

Published: June 23, 2023

Last Updated: December 5, 2024

🔗 References

http://elenos.com Product
https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34672 Exploit,Third Party Advisory
http://elenos.com Product
https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34672 Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-34672, you might also want to check these: