CVE-2023-5719

Q: What is the severity of CVE-2023-5719?

CVE-2023-5719 has a CVSS score of 8.8 (HIGH). CVE-2023-5719 is a password handling vulnerability in Crimson 3.2 Windows configuration tool where passwords containing percent (%) characters get truncated during configuration download, potentially creating weaker credentials. This affects administrators using the Windows configuration tool to set passwords on Red Lion devices. Passwords set via the web interface are not vulnerable.

8.8 HIGH

📋 TL;DR

CVE-2023-5719 is a password handling vulnerability in Crimson 3.2 Windows configuration tool where passwords containing percent (%) characters get truncated during configuration download, potentially creating weaker credentials. This affects administrators using the Windows configuration tool to set passwords on Red Lion devices. Passwords set via the web interface are not vulnerable.

💻 Affected Systems

Products:

Red Lion Crimson 3.2 Windows Configuration Tool

Versions: Crimson 3.2

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects password setting via the Windows configuration tool, not the web interface. Requires administrative access to trigger.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain administrative access to industrial control systems by exploiting weak truncated passwords, potentially leading to operational disruption, data manipulation, or safety incidents.

🟠

Likely Case

Unauthorized access to device configuration and control functions if weak passwords are created and not detected by administrators.

🟢

If Mitigated

Limited impact with proper password policies and monitoring, as the vulnerability requires administrative access to trigger and creates detectable weak passwords.

🌐 Internet-Facing: LOW - The vulnerability requires administrative access to the Windows configuration tool, which is typically not internet-facing.

🏢 Internal Only: MEDIUM - Internal administrators could inadvertently create weak passwords, but exploitation requires knowledge of the specific weak password.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires administrative access to create weak passwords and knowledge of the resulting truncated password.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Crimson 3.2 SR1 or later

Vendor Advisory: https://support.redlion.net/hc/en-us/categories/360002087671-Security-Advisories

Restart Required: No

Instructions:

1. Download Crimson 3.2 SR1 or later from Red Lion support portal. 2. Install the updated version. 3. Verify all passwords set via Windows tool do not contain % characters.

🔧 Temporary Workarounds

Avoid Percent Characters in Passwords

windows

Do not use passwords containing percent (%) characters when setting passwords via the Windows configuration tool.

Use Web Interface for Password Management

all

Set all passwords using the Crimson system web server interface instead of the Windows configuration tool.

🧯 If You Can't Patch

Audit all passwords set via Windows configuration tool for % characters and change any found
Implement strict password policies prohibiting special characters that cause truncation

🔍 How to Verify

Check if Vulnerable:

Check if using Crimson 3.2 Windows configuration tool and if any passwords contain % characters set via this tool.

Check Version:

Check Crimson About dialog or installation details for version information

Verify Fix Applied:

Verify Crimson version is 3.2 SR1 or later and test password setting with % characters to confirm no truncation.

📡 Detection & Monitoring

Log Indicators:

Failed login attempts with truncated passwords
Configuration changes via Windows tool with special characters

Network Indicators:

Unusual authentication patterns to Crimson devices

SIEM Query:

source="crimson" AND (event="password_change" OR event="failed_login") AND message="%"

📊 Metadata

CVE ID: CVE-2023-5719

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-158

Published: November 6, 2023

Last Updated: November 21, 2024

🔗 References

https://support.redlion.net/hc/en-us/categories/360002087671-Security-Advisories Vendor Advisory
https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-01 Third Party Advisory,US Government Resource
https://support.redlion.net/hc/en-us/categories/360002087671-Security-Advisories Vendor Advisory
https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-01 Third Party Advisory,US Government Resource

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

Crimson by Redlion

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Avoid Percent Characters in Passwords

Use Web Interface for Password Management

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities