Cyble Research & Intelligence Labs (CRIL) identifies a ControlByWeb Cross-Site Scripting Vulnerability – CVE-2023-6333

December 13, 2023 · 3 min read
Cyble’s Senior Researcher, Prajitesh Singh, recently identified a Cross-Site Scripting vulnerability (CVE-2023-6333) in ControlByWeb’s X-301 and X-332 web-enabled Ethernet I/O modules. These products perform control functions in several Critical Infrastructure sectors, which amplifies the potential impact of an attack. Cyble shared the findings with the vendor, and the two parties jointly submitted the report to the Cybersecurity and Infrastructure Security Agency (CISA) through the Vulnerability Information and Coordination Environment (VINCE) platform under the Coordinated Vulnerability Disclosure (CVD) program. The vulnerability was subsequently classified as high severity.

The affected products are deployed across multiple Critical Infrastructure sectors and have a broad range of industrial applications, such as controlling motors, lights, coils, pumps, valves, and belts. A compromise can therefore have consequences ranging from financial losses to disruption of critical supply chains. Because the module's web interface is the path by which operators configure and drive these outputs, a vulnerability in that interface gives a malicious actor a way to manipulate the controlled equipment, causing physical damage to infrastructure and posing risks to the operators themselves.
[Image] X332 relay (Source: https://www.controlbyweb.com/x332/)
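The advisory above names only the vulnerability class. The following is an added illustration, written for this page and not code from Cyble or ControlByWeb, of how a reflected Cross-Site Scripting flaw typically arises in a small embedded web interface and how it is fixed. The "name" query parameter, the page layout and the relay label are assumptions for illustration; they are not the injection point reported in CVE-2023-6333.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs

# Constructed sample request: the query string a browser would send to a
# hypothetical device settings page that lets an operator label a relay.
# The "name" parameter and the page layout below are assumptions for
# illustration; they are not the injection point reported in CVE-2023-6333.
SAMPLE_QUERY = "relay=1&name=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E"


def parse_name(query: str) -> str:
    """Return the operator-supplied relay label from the query string."""
    params = parse_qs(query, keep_blank_values=True)
    return params.get("name", [""])[0]


def render_vulnerable(query: str) -> str:
    """Reflect the label into the page with no output encoding (the bug)."""
    return f"<p>Relay 1: {parse_name(query)}</p>"


def render_hardened(query: str) -> str:
    """Encode the label as HTML text so the browser treats it as data, not markup.
    quote=True also encodes ' and ", which matters if the same value is ever
    placed inside an attribute."""
    return f"<p>Relay 1: {html.escape(parse_name(query), quote=True)}</p>"


class _ScriptFinder(HTMLParser):
    """Count every <script> start tag the browser's parser would see."""

    def __init__(self):
        super().__init__()
        self.scripts = 0

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "script":
            self.scripts += 1


def count_script_tags(page: str) -> int:
    """Crude regression check: untrusted input must not be able to introduce
    executable markup into the rendered page."""
    finder = _ScriptFinder()
    finder.feed(page)
    finder.close()
    return finder.scripts


def hardened_headers() -> dict:
    """Response headers that limit blast radius if an encoding gap remains:
    a CSP that forbids inline script, plus X-Content-Type-Options."""
    return {
        "Content-Security-Policy": "default-src 'self'; script-src 'self'; object-src 'none'",
        "X-Content-Type-Options": "nosniff",
    }


if __name__ == "__main__":
    print(render_vulnerable(SAMPLE_QUERY))   # payload lands as a live <script> tag
    print(render_hardened(SAMPLE_QUERY))     # payload is inert text
```

The encoding has to match the context the value lands in: `html.escape` is correct for element text and quoted attributes, but a value inserted into a JavaScript block or a URL needs that context's own encoding. On a device whose firmware cannot be patched immediately, the CSP header is the compensating control that stops an injected inline script from executing.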
An example of malicious actors’ interest in compromising similar systems is the recent attack on the Municipal Water Authority of Aliquippa in western Pennsylvania, attributed to an Iranian-backed cyber group known as CyberAv3ngers. It highlights the constant effort malicious actors put into finding new vectors for disrupting national services, and they especially target vulnerabilities and misconfigurations in Industrial Control System (ICS) assets. An attack that successfully compromises these systems within an Operational Technology (OT) environment can result in extreme consequences for the firm, national critical infrastructure, global supply chains, and even the physical safety of engineers, operators, and heavy machinery.

“Collaboration between OT asset vendors and public organizations is crucial to secure Industrial Control Systems (ICS) globally for the smooth and secure operation of National Critical Services”, Prajitesh Singh, Senior Research Engineer at Cyble, mentioned. “Due to the critical role of the OT sector, organizations must equip themselves with the latest threat intelligence to stay ahead of malicious actors and secure their systems. I am proud to contribute such findings to the OT community, shedding light on these issues and helping create more resilient systems.”

A crucial component in preventing these critical systems from being compromised is adopting a proactive threat posture and equipping organizations with real-time threat intelligence via platforms such as ODIN. These platforms are built to scan internet-exposed assets and provide actionable intelligence on potentially vulnerable systems and products that are likely targets for malicious actors.
Forewarned and armed with these insights, organizations can take corrective action on these products, patch vulnerabilities, roll out software updates, and inform their user base and the relevant authorities, fostering an environment of collective information sharing and collaboration. This collaboration is essential because, as Singh notes, a successful compromise of these critical products does not affect just one organization, industry, or nation. Given their role in the increasingly globalized economy and the place these sectors occupy in national security, international trade, and manufacturing, their continued security matters to everyone, from public organizations such as CISA to the manufacturers of OT/IT components and everyone in between. Cyble continues to watch for vulnerabilities across exposed products using the proprietary AI- and ML-driven algorithms present in all Cyble products, enabling us to find and report them to customers in real time, often before they can be exploited.