SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-214864127] Satel Iberia SenNet Data Logger and Electricity Meters

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2017-05-11OtherSatel IberiaKarn Ganeshan discovered this vulnerability. N/ACVE-2017-6048 N/AN/AN/A

Source

						
							
								
#
# Satel Iberia SenNet Data Logger and Electricity Meters
#


### VULNERABLE VENDOR
Satel Iberia


### VULNERABLE PRODUCT
SenNet Data Logger and Electricity Meters



### RESEARCHER
Karn Ganeshan discovered this vulnerability.



### AFFECTED PRODUCTS

The following versions of SenNet Data Logger and Electricity Meters, monitoring platforms, are affected:

SenNet Optimal DataLogger V5.37c-1.43c and prior,
SenNet Solar Datalogger V5.03-1.56a and prior, and
SenNet Multitask Meter V5.21a-1.18b and prior.



### IMPACT

Successful exploitation of this vulnerability could allow the attacker to gain root privilege to run arbitrary commands and change system data.



### VULNERABILITY OVERVIEW

COMMAND INJECTION CWE-77
Successful exploitation of this vulnerability could result in the attacker breaking out of the jailed shell and gaining full access to the system.
CVE-2017-6048 has been assigned to this vulnerability.
A CVSS v3 base score of 8.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)





### BACKGROUND

Critical Infrastructure Sectors: Critical Manufacturing, Energy, Transportation Systems
Countries/Areas Deployed: Americas and Europe
Company Headquarters Location: Spain




### MITIGATION

Satel Iberia recommends that affected users upgrade to the latest version available. The latest version can be obtained from Satel Iberia support at support@satelspain.com