CVE-2023-35069 – This path traversal vulnerability in Bullwark s... (How to Fix)

Q: What is the severity of CVE-2023-35069?

CVE-2023-35069 has a CVSS score of 7.5 (HIGH). This path traversal vulnerability in Bullwark security systems allows attackers to access files outside the intended directory by manipulating file paths. It affects Bullwark BLW-2016E-960H devices running firmware versions before the patched release. Organizations using these security systems for surveillance or access control are at risk.

📋 TL;DR

This path traversal vulnerability in Bullwark security systems allows attackers to access files outside the intended directory by manipulating file paths. It affects Bullwark BLW-2016E-960H devices running firmware versions before the patched release. Organizations using these security systems for surveillance or access control are at risk.

💻 Affected Systems

Products:

Bullwark BLW-2016E-960H

Versions: All versions before the patched firmware

Operating Systems: Embedded Linux (device-specific)

Default Config Vulnerable: ⚠️ Yes

Notes: This appears to be a firmware vulnerability in specific Bullwark security/surveillance devices.

📦 What is this software?

Bullwark Momentum Series by Biges

View all CVEs affecting Bullwark Momentum Series →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing access to sensitive configuration files, surveillance footage, or ability to modify system files leading to persistent access.

🟠

Likely Case

Unauthorized access to sensitive files including configuration data, logs, or surveillance recordings.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing external exploitation.

🌐 Internet-Facing: HIGH - If devices are exposed to the internet, attackers can directly exploit this vulnerability without authentication.

🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this, but requires network access to the device.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Path traversal vulnerabilities typically have low exploitation complexity. The Turkish USOM advisory suggests active exploitation may be occurring.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: BLW-2016E-960H firmware version with fix (specific version not provided in references)

Vendor Advisory: https://www.usom.gov.tr/bildirim/tr-23-0401

Restart Required: Yes

Instructions:

1. Contact Bullwark vendor for latest firmware. 2. Backup current configuration. 3. Apply firmware update following vendor instructions. 4. Restart device. 5. Verify fix and restore configuration if needed.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate Bullwark devices from internet and restrict internal network access

Access Control Lists

all

Implement strict firewall rules limiting access to device management interfaces

🧯 If You Can't Patch

Segment network to isolate vulnerable devices from untrusted networks
Implement strict access controls and monitor for unusual file access patterns

🔍 How to Verify

Check if Vulnerable:

Check device firmware version via web interface or serial console. If version is older than patched release, device is vulnerable.

Check Version:

Check via device web interface at System > Information or via serial console using vendor-specific commands

Verify Fix Applied:

Verify firmware version matches patched release and test path traversal attempts return proper access denied errors.

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns
Requests containing '../' sequences
Access to files outside normal directories

Network Indicators:

HTTP requests with path traversal sequences to device management interface

SIEM Query:

source="bullwark" AND (uri="*../*" OR uri="*..\\*" OR status=403 OR status=404)

📊 Metadata

CVE ID: CVE-2023-35069

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-22

Published: July 13, 2023

Last Updated: November 21, 2024

🔗 References

https://www.usom.gov.tr/bildirim/tr-23-0401 Third Party Advisory
https://www.usom.gov.tr/bildirim/tr-23-0401 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-35069, you might also want to check these: