PatchSiren

CVE-2023-46388 LOYTEC electronics GmbH CVE debrief

LOYTEC electronics GmbH LINX-212 6.2.4 and LINX-151 7.2.4 contain an insecure permissions vulnerability in the dpal_config.zml file. This configuration weakness enables remote attackers to extract SMTP client account credentials and subsequently bypass email authentication mechanisms. The vulnerability carries a HIGH severity CVSS 3.1 score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating network-accessible exploitation with low complexity and no required privileges or user interaction, resulting in high confidentiality impact.

CISA published advisory ICSA-24-247-01 on September 3, 2024, documenting this issue alongside related vulnerabilities. LOYTEC has committed to remediation through firmware version 8.2.8, which implements encrypted storage of SMTP credentials. The affected product scope extends beyond the initially identified LINX-212 and LINX-151 devices to include LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, and L-INX Configurator, all requiring the same firmware update.

Organizations operating these industrial control system components should prioritize patching given the credential disclosure risk and potential for email authentication bypass, which could facilitate further compromise through trusted communication channels.

Vendor: LOYTEC electronics GmbH
Product: LINX-151
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-09-03
Original CVE updated: 2024-09-03
Advisory published: 2024-09-03
Advisory updated: 2024-09-03

Who should care

Organizations deploying LOYTEC LINX-212, LINX-151, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, or L-INX Configurator in building automation, industrial control, or critical infrastructure environments where email-based alerting and notification systems are integrated.

Technical summary

The dpal_config.zml file on affected LOYTEC devices has insecure permissions that expose SMTP client credentials to remote attackers. Successful exploitation enables authentication bypass for email services. LOYTEC firmware 8.2.8 remediates the issue by storing SMTP credentials in encrypted form.

Defensive priority

HIGH

Recommended defensive actions

  • Update affected LOYTEC devices to firmware version 8.2.8 to obtain encrypted SMTP credential storage
  • Review SMTP account configurations for unauthorized access or anomalous email activity
  • Audit network segmentation between LOYTEC devices and untrusted networks to limit exposure
  • Monitor for unauthorized access attempts targeting dpal_config.zml or related configuration files
  • Apply CISA ICS recommended practices for defense-in-depth security architecture
  • Validate email authentication mechanisms do not rely solely on credentials stored on affected devices
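
One way to implement the monitoring action above, as an added example that is not part of the advisory or of LOYTEC's tooling: it scans access logs from a proxy or gateway placed in front of the devices for requests that name dpal_config.zml, including percent-encoded and mixed-case spellings. The combined log format, the management subnet 10.20.0.0/24, the "/placeholder/" path and the sample lines are assumptions constructed for illustration; the advisory text here does not state how the file is reached.

```python
import ipaddress
import re
from urllib.parse import unquote

# Assumption: only this management subnet should ever read device config.
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]
TARGET = "dpal_config.zml"  # file named in the advisory
# Combined log format (assumed): client, timestamp, request line, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"\S+ (?P<target>\S+)[^"]*" (?P<status>\d{3}) ')

def decode_fully(s, rounds=3):
    """Undo up to `rounds` layers of percent-encoding (%5F, %255F, ...)."""
    for _ in range(rounds):
        s = unquote(s)
    return s

def is_trusted(ip_text):
    try:
        src = ipaddress.ip_address(ip_text)
    except ValueError:  # hostname or garbage in the client field
        return False
    return any(src in net for net in MGMT_NETS)

def find_config_access(lines):
    """Return one finding per logged request that names the config file."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or TARGET not in decode_fully(m["target"]).lower():
            continue
        trusted, status = is_trusted(m["ip"]), int(m["status"])
        if trusted:
            severity = "info"
        else:  # a 2xx reply means the file was actually served
            severity = "critical" if 200 <= status < 300 else "review"
        findings.append({"time": m["ts"], "source": m["ip"],
                         "status": status, "severity": severity})
    return findings

# Constructed sample lines; "/placeholder/" stands in for the real path.
SAMPLE = [
    '10.20.0.15 - - [03/Sep/2024:08:01:12 +0000] "GET /placeholder/dpal_config.zml HTTP/1.1" 200 4096',
    '203.0.113.7 - - [03/Sep/2024:08:05:40 +0000] "GET /placeholder/dpal%5Fconfig.zml HTTP/1.1" 200 4096',
    '198.51.100.20 - - [03/Sep/2024:08:06:02 +0000] "GET /placeholder/DPAL_CONFIG.ZML HTTP/1.1" 403 0',
    '203.0.113.7 - - [03/Sep/2024:08:07:19 +0000] "GET /index.html HTTP/1.1" 200 512',
]
if __name__ == "__main__":
    print(*find_config_access(SAMPLE), sep="\n")
```

A "critical" finding means the file was served to a source outside the management subnet, so the SMTP account it holds should be treated as disclosed and rotated.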

Evidence notes

Vulnerability description and affected product versions derived from CISA CSAF advisory ICSA-24-247-01. CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N confirmed in source metadata. Remediation guidance specifies firmware version 8.2.8 with encrypted SMTP credential storage. Seven product IDs identified as affected: CSAFPID-0001 through CSAFPID-0007.
