CVE-2023-6078
📋 TL;DR
This CVE describes an OS command injection vulnerability in BIOVIA Materials Studio products that allows attackers to execute arbitrary commands on affected systems by uploading a specially crafted Perl script. The vulnerability affects all BIOVIA Materials Studio installations from Release 2021 through Release 2023. Attackers could potentially gain full control of affected systems.
💻 Affected Systems
- BIOVIA Materials Studio
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise leading to data theft, lateral movement, ransomware deployment, or persistent backdoor installation
Likely Case
Unauthorized command execution leading to data exfiltration, privilege escalation, or system manipulation
If Mitigated
Limited impact with proper input validation, file upload restrictions, and network segmentation in place
🎯 Exploit Status
Exploitation requires file upload capability, which typically requires some level of access or authentication
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Update to BIOVIA Materials Studio Release 2024 or apply vendor-provided patches
Vendor Advisory: https://www.3ds.com/vulnerability/advisories
Restart Required: Yes
Instructions:
1. Check current BIOVIA Materials Studio version. 2. Download and apply the latest patch from Dassault Systèmes. 3. Restart the application and any related services. 4. Verify the patch was successfully applied.
🔧 Temporary Workarounds
Restrict File Uploads
allLimit file upload functionality to trusted users only and implement strict file type validation
Implement Input Sanitization
allAdd server-side validation to sanitize all file upload inputs and reject suspicious Perl scripts
🧯 If You Can't Patch
- Implement strict network segmentation to isolate BIOVIA Materials Studio systems from critical infrastructure
- Deploy application-level firewalls with rules to block suspicious file upload patterns and command execution attempts
🔍 How to Verify
Check if Vulnerable:
Check BIOVIA Materials Studio version via application interface or installation directory propertiesCheck Version:
Check application 'About' section or installation manifest files for version informationVerify Fix Applied:
Verify version is updated to Release 2024 or later, or confirm patch installation through vendor documentation📡 Detection & Monitoring
Log Indicators:
- Unusual file uploads with .pl extensions
- Suspicious command execution in system logs
- Failed upload attempts with Perl script content
Network Indicators:
- Unexpected outbound connections from BIOVIA systems
- File uploads to BIOVIA web interfaces containing script content
SIEM Query:
source="*bioiva*" AND (event="file_upload" OR event="command_execution") AND (file_extension=".pl" OR command="perl")