CVE-2023-35034 – This critical vulnerability in Atos Unify OpenS... (How to Fix)

Q: What is the severity of CVE-2023-35034?

CVE-2023-35034 has a CVSS score of 9.8 (CRITICAL). This critical vulnerability in Atos Unify OpenScape 4000 Assistant and Manager allows unauthenticated remote attackers to execute arbitrary code on affected systems. It affects versions before V10 R1.42.0 and V10 R1.34.8, putting organizations using these communication platforms at risk of complete system compromise.

📋 TL;DR

This critical vulnerability in Atos Unify OpenScape 4000 Assistant and Manager allows unauthenticated remote attackers to execute arbitrary code on affected systems. It affects versions before V10 R1.42.0 and V10 R1.34.8, putting organizations using these communication platforms at risk of complete system compromise.

💻 Affected Systems

Products:

Atos Unify OpenScape 4000 Assistant
Atos Unify OpenScape 4000 Manager

Versions: V10 R1 before V10 R1.42.0 and V10 R1.34.8

Operating Systems: Specific to OpenScape platform

Default Config Vulnerable: ⚠️ Yes

Notes: All installations with affected versions are vulnerable by default; no special configuration required.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system takeover with attacker gaining full control, data exfiltration, lateral movement to other systems, and deployment of ransomware or other malware.

🟠

Likely Case

Remote code execution leading to installation of backdoors, credential theft, and use of compromised systems for further attacks.

🟢

If Mitigated

Limited impact if systems are isolated, patched, or protected by strict network controls and monitoring.

🌐 Internet-Facing: HIGH - Unauthenticated remote code execution makes internet-facing systems extremely vulnerable to widespread exploitation.

🏢 Internal Only: HIGH - Even internal systems are vulnerable to any attacker who can reach them over the network.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

CWE-94 indicates improper control of generation of code ('Code Injection'), suggesting straightforward exploitation once details are known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V10 R1.42.0 or V10 R1.34.8

Vendor Advisory: https://networks.unify.com/security/advisories/OBSO-2305-01.pdf

Restart Required: Yes

Instructions:

1. Download patches from Unify support portal. 2. Apply patches to affected systems. 3. Restart services/systems as required. 4. Verify patch installation.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate OpenScape systems from untrusted networks and internet access

Access Control Lists

all

Implement strict firewall rules to limit access to OpenScape systems

🧯 If You Can't Patch

Immediately isolate affected systems from all networks except absolutely necessary management access
Implement application-level firewalls or WAF with strict input validation rules

🔍 How to Verify

Check if Vulnerable:

Check system version via OpenScape web interface or CLI; compare against vulnerable versions.

Check Version:

Specific commands vary by deployment; check vendor documentation for version query methods.

Verify Fix Applied:

Verify version is V10 R1.42.0 or V10 R1.34.8 or later via system administration interface.

📡 Detection & Monitoring

Log Indicators:

Unusual process execution, unexpected network connections, authentication bypass attempts

Network Indicators:

Unusual traffic patterns to OpenScape ports, exploit-like payloads in network traffic

SIEM Query:

Example: 'source_ip:* AND dest_port:(5060 OR 5061) AND (payload_contains:"exec" OR payload_contains:"system")'

📊 Metadata

CVE ID: CVE-2023-35034

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-94

Published: June 12, 2023

Last Updated: January 6, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-35034, you might also want to check these: