CVE-2023-37218

7.5 HIGH

📋 TL;DR

This path traversal vulnerability in Tadiran Telecom Aeonix allows attackers to access files outside the intended directory by manipulating file paths. It affects systems running vulnerable versions of Tadiran Telecom Aeonix software, potentially exposing sensitive configuration files or system data.

💻 Affected Systems

Products:
  • Tadiran Telecom Aeonix
Versions: Specific versions are not detailed in the provided references; all vulnerable versions of Aeonix software are affected
Operating Systems: Not specified, likely various OS where Aeonix runs
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of affected Aeonix versions are vulnerable to this path traversal issue.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise through reading sensitive files like configuration, passwords, or system files, potentially leading to further attacks.

🟠 Likely Case

Unauthorized access to sensitive configuration files, system information, or application data stored on the server.

🟢 If Mitigated

Limited impact with proper file permissions and network segmentation preventing access to critical system files.

🌐 Internet-Facing: HIGH - If exposed to the internet, attackers can exploit this vulnerability directly, without first gaining access to the internal network.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this to access sensitive data.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Path traversal vulnerabilities typically have low exploitation complexity, especially when unauthenticated access is possible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in provided references

Vendor Advisory: https://www.gov.il/en/Departments/faq/cve_advisories

Restart Required: Yes

Instructions:

1. Contact Tadiran Telecom for the specific patch version.
2. Apply the official patch from the vendor.
3. Restart the Aeonix service or system as required.

🔧 Temporary Workarounds

Network Segmentation (all platforms)

Restrict network access to Aeonix systems to only trusted networks and users

File Permission Hardening (Linux)

Set strict file permissions on sensitive directories and files

chmod 600 sensitive_config_files
chown root:root critical_directories

🧯 If You Can't Patch

  • Implement strict network access controls and firewall rules to limit access to Aeonix systems
  • Monitor file access logs for unusual path traversal patterns and implement file integrity monitoring

🔍 How to Verify

Check if Vulnerable:

Check Aeonix version against vendor advisory and test for path traversal using controlled testing methods

Check Version:

Check Aeonix administration interface or system documentation for version information

Verify Fix Applied:

Verify patch installation through version check and test that path traversal attempts are properly blocked

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns
  • Requests containing '../' or similar path traversal sequences
  • Access attempts to sensitive system files

Network Indicators:

  • Multiple failed file access attempts from single source
  • Patterns of requests with directory traversal sequences

SIEM Query:

source="aeonix_logs" AND (message="*../*" OR message="*..\\*" OR message="*%2e%2e%2f*")
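
The three substring patterns in the query above match only those exact spellings, so a request that mixes or nests percent-encoding passes unflagged. The following added example (not vendor code and not part of the original page) decodes each request target a bounded number of times before testing for a `..` path segment, and counts hits per source for the repeated-attempt indicator. The log line layout, URLs and function names are constructed assumptions, since the page does not give the Aeonix log format.

```python
import re
from urllib.parse import unquote

# Constructed sample lines with hypothetical URLs; the real Aeonix log
# format and endpoints are not given on the page.
SAMPLE_LOG = """\
10.0.0.5 GET /example/static/logo.png 200
10.0.0.9 GET /example/download?file=../../etc/passwd 200
10.0.0.9 GET /example/download?file=..%2f..%2fconf%2fserver.xml 404
10.0.0.9 GET /example/download?file=%252e%252e%255cdata%255capp.ini 404
10.0.0.7 GET /example/docs/v1..2/notes.txt 200
"""

MAX_DECODE_ROUNDS = 3  # bound the work done on hostile input
# ".." as a whole path segment: after a separator or parameter boundary,
# and followed by a slash, backslash, or end of string.
TRAVERSAL = re.compile(r"(?:^|[/\\=?&])\.\.(?:[/\\]|$)")

def normalize(target):
    """Percent-decode repeatedly so nested encodings collapse to plain text."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def is_traversal(target):
    return bool(TRAVERSAL.search(normalize(target)))

def scan(log_text):
    """Return (source_ip, raw_target) for each request flagged as traversal."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and is_traversal(parts[2]):
            hits.append((parts[0], parts[2]))
    return hits

def hits_by_source(log_text):
    """Count flagged requests per source, for the repeated-attempt indicator."""
    counts = {}
    for src, _ in scan(log_text):
        counts[src] = counts.get(src, 0) + 1
    return counts

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
    print(hits_by_source(SAMPLE_LOG))
```

The segment-anchored pattern leaves names such as `v1..2` unflagged, which keeps the alert volume lower than a bare `..` substring match would.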
