CVE-2023-5347
📋 TL;DR
This vulnerability allows attackers to bypass cryptographic signature verification during firmware updates on Korenix JetNet industrial networking devices. Attackers can replace the entire operating system including trusted executables, leading to complete device compromise. It affects JetNet devices running firmware older than version 2024/01.
💻 Affected Systems
- Korenix JetNet Series industrial switches and routers
📦 What is this software?
Jetnet 5728g 24p Ac 2dc Eu Firmware by Korenix
View all CVEs affecting Jetnet 5728g 24p Ac 2dc Eu Firmware →
Jetnet 5728g 24p Ac 2dc Us Firmware by Korenix
View all CVEs affecting Jetnet 5728g 24p Ac 2dc Us Firmware →
Jetnet 6728g 24p Ac 2dc Eu Firmware by Korenix
View all CVEs affecting Jetnet 6728g 24p Ac 2dc Eu Firmware →
Jetnet 6728g 24p Ac 2dc Us Firmware by Korenix
View all CVEs affecting Jetnet 6728g 24p Ac 2dc Us Firmware →
Jetnet 6828gf Ac Dc24 Eu Firmware by Korenix
Jetnet 6828gf Ac Dc24 Us Firmware by Korenix
⚠️ Risk & Real-World Impact
Worst Case
Complete device takeover allowing installation of malicious firmware, persistent backdoor access, network traffic interception, and lateral movement to other industrial control systems.
Likely Case
Unauthenticated attackers gaining full administrative control of affected devices, enabling network disruption, data exfiltration, and potential ransomware deployment.
If Mitigated
Limited to internal network access only, with proper network segmentation preventing lateral movement to critical systems.
🎯 Exploit Status
Public exploit code available on Packet Storm Security. Exploitation requires network access to device but no authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Firmware version 2024/01 or newer
Vendor Advisory: https://www.beijerelectronics.com/en/support/Help___online?docId=69947
Restart Required: Yes
Instructions:
1. Download latest firmware from vendor support site. 2. Backup current configuration. 3. Upload firmware via web interface or CLI. 4. Apply firmware update. 5. Reboot device. 6. Restore configuration if needed.
🔧 Temporary Workarounds
Network Segmentation
allIsolate JetNet devices in separate VLANs with strict firewall rules limiting access to management interfaces.
Management Interface Restriction
allRestrict management interface access to specific trusted IP addresses only.
# Example: Configure ACL to restrict management access
access-list 10 permit 192.168.1.0 0.0.0.255
line vty 0 4
access-class 10 in
🧯 If You Can't Patch
- Remove internet-facing exposure immediately and place behind VPN with multi-factor authentication.
- Implement network monitoring for unusual firmware update attempts and unexpected device reboots.
🔍 How to Verify
Check if Vulnerable:
Check firmware version via web interface (System > Firmware) or CLI command 'show version'. If version is older than 2024/01, device is vulnerable.Check Version:
show versionVerify Fix Applied:
After update, verify firmware version shows 2024/01 or newer. Test update process with legitimate signed firmware to confirm signature verification works.📡 Detection & Monitoring
Log Indicators:
- Unexpected firmware update attempts
- Device reboots without scheduled maintenance
- Failed signature verification messages
Network Indicators:
- HTTP/HTTPS requests to firmware update endpoints from unauthorized sources
- Unusual traffic patterns to/from JetNet management interfaces
SIEM Query:
source="jetnet" AND (event_type="firmware_update" OR event_type="reboot") AND NOT user="admin"🔗 References
- http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html
- http://seclists.org/fulldisclosure/2024/Jan/11
- https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
- https://www.beijerelectronics.com/en/support/Help___online?docId=69947
- http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html
- http://seclists.org/fulldisclosure/2024/Jan/11
- https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
- https://www.beijerelectronics.com/en/support/Help___online?docId=69947
