// For flags

CVE-2023-43775

Security issue in SMP Gateway automation platform

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

Denial-of-service vulnerability in the web server of the Eaton SMP Gateway allows

attacker to potentially force an unexpected restart of the automation platform, impacting the availability of the product. In rare situations, the issue could cause
the SMP device to restart in Safe Mode or Max Safe Mode. When in Max Safe Mode, the product is
not vulnerable anymore.

Una vulnerabilidad de denegación de servicio en el servidor web de Eaton SMP Gateway permite a un atacante forzar potencialmente un reinicio inesperado de la plataforma de automatización, lo que afecta la disponibilidad del producto. En situaciones excepcionales, el problema podría provocar que el dispositivo SMP se reinicie en Modo Seguro o Modo Seguro Máximo. Cuando está en Modo Seguro Máximo, el producto ya no es vulnerable.

*Credits: Communications Security Establishment, Canada.
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
Low
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2023-09-22 CVE Reserved
  • 2023-09-26 CVE Published
  • 2024-09-24 CVE Updated
  • 2024-10-02 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Eaton
Search vendor "Eaton"
Smp Sg-4260 Firmware
Search vendor "Eaton" for product "Smp Sg-4260 Firmware"
>= 8.0 < 8.0r9
Search vendor "Eaton" for product "Smp Sg-4260 Firmware" and version " >= 8.0 < 8.0r9"
-
Affected
in Eaton
Search vendor "Eaton"
Smp Sg-4260
Search vendor "Eaton" for product "Smp Sg-4260"
--
Safe
Eaton
Search vendor "Eaton"
Smp Sg-4260 Firmware
Search vendor "Eaton" for product "Smp Sg-4260 Firmware"
>= 8.1 < 8.1r5
Search vendor "Eaton" for product "Smp Sg-4260 Firmware" and version " >= 8.1 < 8.1r5"
-
Affected
in Eaton
Search vendor "Eaton"
Smp Sg-4260
Search vendor "Eaton" for product "Smp Sg-4260"
--
Safe
Eaton
Search vendor "Eaton"
Smp Sg-4260 Firmware
Search vendor "Eaton" for product "Smp Sg-4260 Firmware"
>= 8.2 < 8.2r4
Search vendor "Eaton" for product "Smp Sg-4260 Firmware" and version " >= 8.2 < 8.2r4"
-
Affected
in Eaton
Search vendor "Eaton"
Smp Sg-4260
Search vendor "Eaton" for product "Smp Sg-4260"
--
Safe
Eaton
Search vendor "Eaton"
Smp Sg-4250 Firmware
Search vendor "Eaton" for product "Smp Sg-4250 Firmware"
>= 8.0 < 8.0r9
Search vendor "Eaton" for product "Smp Sg-4250 Firmware" and version " >= 8.0 < 8.0r9"
-
Affected
in Eaton
Search vendor "Eaton"
Smp Sg-4250
Search vendor "Eaton" for product "Smp Sg-4250"
--
Safe
Eaton
Search vendor "Eaton"
Smp Sg-4250 Firmware
Search vendor "Eaton" for product "Smp Sg-4250 Firmware"
>= 8.1 < 8.1r5
Search vendor "Eaton" for product "Smp Sg-4250 Firmware" and version " >= 8.1 < 8.1r5"
-
Affected
in Eaton
Search vendor "Eaton"
Smp Sg-4250
Search vendor "Eaton" for product "Smp Sg-4250"
--
Safe
Eaton
Search vendor "Eaton"
Smp Sg-4250 Firmware
Search vendor "Eaton" for product "Smp Sg-4250 Firmware"
>= 8.2 < 8.2r4
Search vendor "Eaton" for product "Smp Sg-4250 Firmware" and version " >= 8.2 < 8.2r4"
-
Affected
in Eaton
Search vendor "Eaton"
Smp Sg-4250
Search vendor "Eaton" for product "Smp Sg-4250"
--
Safe
Eaton
Search vendor "Eaton"
Smp Sg-4250 Firmware
Search vendor "Eaton" for product "Smp Sg-4250 Firmware"
7.0
Search vendor "Eaton" for product "Smp Sg-4250 Firmware" and version "7.0"
-
Affected
in Eaton
Search vendor "Eaton"
Smp Sg-4250
Search vendor "Eaton" for product "Smp Sg-4250"
--
Safe
Eaton
Search vendor "Eaton"
Smp Sg-4250 Firmware
Search vendor "Eaton" for product "Smp Sg-4250 Firmware"
7.1
Search vendor "Eaton" for product "Smp Sg-4250 Firmware" and version "7.1"
-
Affected
in Eaton
Search vendor "Eaton"
Smp Sg-4250
Search vendor "Eaton" for product "Smp Sg-4250"
--
Safe
Eaton
Search vendor "Eaton"
Smp Sg-4250 Firmware
Search vendor "Eaton" for product "Smp Sg-4250 Firmware"
7.2
Search vendor "Eaton" for product "Smp Sg-4250 Firmware" and version "7.2"
-
Affected
in Eaton
Search vendor "Eaton"
Smp Sg-4250
Search vendor "Eaton" for product "Smp Sg-4250"
--
Safe
Eaton
Search vendor "Eaton"
Smp 4\/dp Firmware
Search vendor "Eaton" for product "Smp 4\/dp Firmware"
>= 8.0 < 8.0r9
Search vendor "Eaton" for product "Smp 4\/dp Firmware" and version " >= 8.0 < 8.0r9"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 4\/dp
Search vendor "Eaton" for product "Smp 4\/dp"
--
Safe
Eaton
Search vendor "Eaton"
Smp 4\/dp Firmware
Search vendor "Eaton" for product "Smp 4\/dp Firmware"
>= 8.1 < 8.1r5
Search vendor "Eaton" for product "Smp 4\/dp Firmware" and version " >= 8.1 < 8.1r5"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 4\/dp
Search vendor "Eaton" for product "Smp 4\/dp"
--
Safe
Eaton
Search vendor "Eaton"
Smp 4\/dp Firmware
Search vendor "Eaton" for product "Smp 4\/dp Firmware"
>= 8.2 < 8.2r4
Search vendor "Eaton" for product "Smp 4\/dp Firmware" and version " >= 8.2 < 8.2r4"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 4\/dp
Search vendor "Eaton" for product "Smp 4\/dp"
--
Safe
Eaton
Search vendor "Eaton"
Smp 4\/dp Firmware
Search vendor "Eaton" for product "Smp 4\/dp Firmware"
6.3
Search vendor "Eaton" for product "Smp 4\/dp Firmware" and version "6.3"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 4\/dp
Search vendor "Eaton" for product "Smp 4\/dp"
--
Safe
Eaton
Search vendor "Eaton"
Smp 4\/dp Firmware
Search vendor "Eaton" for product "Smp 4\/dp Firmware"
7.0
Search vendor "Eaton" for product "Smp 4\/dp Firmware" and version "7.0"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 4\/dp
Search vendor "Eaton" for product "Smp 4\/dp"
--
Safe
Eaton
Search vendor "Eaton"
Smp 4\/dp Firmware
Search vendor "Eaton" for product "Smp 4\/dp Firmware"
7.1
Search vendor "Eaton" for product "Smp 4\/dp Firmware" and version "7.1"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 4\/dp
Search vendor "Eaton" for product "Smp 4\/dp"
--
Safe
Eaton
Search vendor "Eaton"
Smp 4\/dp Firmware
Search vendor "Eaton" for product "Smp 4\/dp Firmware"
7.2
Search vendor "Eaton" for product "Smp 4\/dp Firmware" and version "7.2"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 4\/dp
Search vendor "Eaton" for product "Smp 4\/dp"
--
Safe
Eaton
Search vendor "Eaton"
Smp 16 Firmware
Search vendor "Eaton" for product "Smp 16 Firmware"
>= 8.0 < 8.0r9
Search vendor "Eaton" for product "Smp 16 Firmware" and version " >= 8.0 < 8.0r9"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 16
Search vendor "Eaton" for product "Smp 16"
--
Safe
Eaton
Search vendor "Eaton"
Smp 16 Firmware
Search vendor "Eaton" for product "Smp 16 Firmware"
6.3
Search vendor "Eaton" for product "Smp 16 Firmware" and version "6.3"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 16
Search vendor "Eaton" for product "Smp 16"
--
Safe
Eaton
Search vendor "Eaton"
Smp 16 Firmware
Search vendor "Eaton" for product "Smp 16 Firmware"
7.0
Search vendor "Eaton" for product "Smp 16 Firmware" and version "7.0"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 16
Search vendor "Eaton" for product "Smp 16"
--
Safe
Eaton
Search vendor "Eaton"
Smp 16 Firmware
Search vendor "Eaton" for product "Smp 16 Firmware"
7.1
Search vendor "Eaton" for product "Smp 16 Firmware" and version "7.1"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 16
Search vendor "Eaton" for product "Smp 16"
--
Safe
Eaton
Search vendor "Eaton"
Smp 16 Firmware
Search vendor "Eaton" for product "Smp 16 Firmware"
7.2
Search vendor "Eaton" for product "Smp 16 Firmware" and version "7.2"
-
Affected
in Eaton
Search vendor "Eaton"
Smp 16
Search vendor "Eaton" for product "Smp 16"
--
Safe