CVE-2023-43700

7.7 HIGH

📋 TL;DR

CVE-2023-43700 is a missing authorization vulnerability in SICK APU's RDT400 component that allows unauthenticated remote attackers to modify data via HTTP requests. This affects SICK APU systems with RDT400 functionality exposed to network access. Attackers can exploit this without credentials to alter system data.

💻 Affected Systems

Products:
  • SICK APU with RDT400 component
Versions: Specific versions not detailed in provided references; check SICK advisory for exact affected versions.
Operating Systems: Embedded/industrial OS running SICK APU
Default Config Vulnerable: ⚠️ Yes
Notes: Systems with RDT400 HTTP interface accessible via network are vulnerable. Default configurations likely expose this interface.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise through data manipulation leading to operational disruption, safety hazards in industrial environments, or lateral movement to other systems.

🟠 Likely Case: Unauthorized data modification affecting system integrity, potentially causing incorrect sensor readings, configuration changes, or process interference.

🟢 If Mitigated: Limited to attempted attacks that fail due to proper network segmentation and authentication controls.

🌐 Internet-Facing: HIGH - Directly exploitable via HTTP without authentication from internet-facing systems.
🏢 Internal Only: HIGH - Even internally, unauthenticated attackers on the network can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW - Simple HTTP requests; no authentication is required.

Exploitation requires network access to the RDT400 HTTP interface. No special tools are needed beyond an HTTP client.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check SICK advisory for specific patched versions

Vendor Advisory: https://sick.com/psirt

Restart Required: Yes

Instructions:

1. Review SICK advisory SCA-2023-0010.
2. Download and apply the official patch from SICK.
3. Restart the APU system.
4. Verify the fix using verification steps.

🔧 Temporary Workarounds

Network Segmentation

Isolate SICK APU systems from untrusted networks using firewalls or VLANs.

Access Control Lists

Restrict HTTP access to the RDT400 interface to authorized IP addresses only.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate affected systems from untrusted networks.
  • Deploy web application firewall (WAF) rules to block unauthorized HTTP requests to RDT400 endpoints.

🔍 How to Verify

Check if Vulnerable:

Attempt unauthenticated HTTP POST/PUT requests to RDT400 endpoints; if they succeed, the system is vulnerable.

Check Version:

Check the system firmware/software version via the SICK APU web interface or CLI (the specific command depends on the APU model).

Verify Fix Applied:

After patching, repeat the same unauthenticated requests; they should be rejected with authentication errors.

📡 Detection & Monitoring

Log Indicators:

  • Unauthenticated HTTP requests to RDT400 endpoints
  • Unexpected data modification events in system logs

Network Indicators:

  • HTTP traffic to RDT400 ports from unauthorized sources
  • Unusual HTTP POST/PUT requests to industrial control endpoints

SIEM Query:

source_ip NOT IN authorized_ips AND dest_port=80 AND (uri CONTAINS 'rdt400' OR user_agent='')
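
The query above, carried through as an offline triage script (an added example, not SICK's or this page's own tooling). Assumptions: a combined-format access log from a proxy or sensor in front of the APU's HTTP port, a constructed allowlist subnet, and constructed sample lines whose `/rdt400/example` path is a placeholder, not a real product endpoint.

```python
import ipaddress
import re

# Assumption: allowlisted engineering subnet (constructed value).
AUTHORIZED_NETS = [ipaddress.ip_network("10.20.0.0/24")]
WRITE_METHODS = {"POST", "PUT"}
# Assumption: combined log format recorded for the APU's HTTP listener.
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# Constructed sample lines (documentation IP ranges, placeholder URI).
SAMPLE_LOG = [
    '10.20.0.15 - - [01/Jan/2024:10:00:00 +0000] "PUT /rdt400/example HTTP/1.1" 200 12 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Jan/2024:10:00:05 +0000] "PUT /rdt400/example HTTP/1.1" 200 12 "-" "curl/8.0"',
    '203.0.113.7 - - [01/Jan/2024:10:00:06 +0000] "GET /index.html HTTP/1.1" 200 512 "-" ""',
    '198.51.100.9 - - [01/Jan/2024:10:00:07 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    'garbage line',
]

def is_authorized(src):
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # an unparseable source is treated as unauthorized
    return any(addr in net for net in AUTHORIZED_NETS)

def triage(lines):
    """Return (alerts, unparsed); alerts follow the SIEM query's conditions."""
    alerts, unparsed = [], []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            unparsed.append(line)  # keep for manual review, never drop silently
            continue
        if is_authorized(m["src"]):
            continue
        reasons = []
        if "rdt400" in m["uri"].lower():
            reasons.append("rdt400-uri")
            if m["method"] in WRITE_METHODS:
                reasons.append("write-method")
                if m["status"].startswith("2"):
                    reasons.append("write-succeeded")  # data may have changed
        if m["ua"] in ("", "-"):
            reasons.append("empty-user-agent")
        if reasons:
            alerts.append((m["src"], m["method"], m["uri"], reasons))
    return alerts, unparsed
```

Alerts carrying `write-succeeded` correspond to the "Unexpected data modification" indicator and warrant review first; the empty user-agent condition alone is a weak signal.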
