Vulnerability Summary
-
CVE ID: CVE-2023-48252
-
Severity: High (CVSS 3.1 Score: 8.8)
-
Attack Vector: Network
-
Privileges Required: Low
-
User Interaction: NoneNozomi Networks+1NVD+1
-
Impact: Allows authenticated remote attackers to perform unauthorized actions via crafted HTTP requestsBosch PSIRT+3NVD+3CVE+3
Affected Products
| Product Model | Affected Versions |
|---|---|
| Nexo cordless nutrunner NXA011S-36V (0608842011) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXA011S-36V-B (0608842012) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXA015S-36V (0608842001) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXA015S-36V-B (0608842006) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXA030S-36V (0608842002) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXA030S-36V-B (0608842007) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXA050S-36V (0608842003) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXA050S-36V-B (0608842008) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXA065S-36V (0608842013) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXA065S-36V-B (0608842014) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXP012QD-36V (0608842005) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXP012QD-36V-B (0608842010) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXV012T-36V (0608842015) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo cordless nutrunner NXV012T-36V-B (0608842016) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo special cordless nutrunner (0608PE2272) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo special cordless nutrunner (0608PE2301) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo special cordless nutrunner (0608PE2514) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo special cordless nutrunner (0608PE2515) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo special cordless nutrunner (0608PE2666) | NEXO-OS V1000-Release to V1500-SP2 |
| Nexo special cordless nutrunner (0608PE2673) | NEXO-OS V1000-Release to V1500-SP2 |
How the Exploit Works
CVE-2023-48252 is an improper authorization vulnerability in Bosch Rexroth’s Nexo cordless nutrunner devices. An authenticated remote attacker can send specially crafted HTTP requests to perform actions beyond their authorized access level. This flaw arises due to insufficient access control checks within the device’s web interface, allowing privilege escalation and unauthorized operations.NVD+3Bosch PSIRT+3Bosch Rexroth Global+3NVD+3Tenable®+3CVE+3
Conceptual Example Code
Escape the Surveillance Era
Most apps won’t tell you the truth.
They’re part of the problem.
Phone numbers. Emails. Profiles. Logs.
It’s all fuel for surveillance.
Ameeba Chat gives you a way out.
- • No phone number
- • No email
- • No personal info
- • Anonymous aliases
- • End-to-end encrypted
Chat without a trace.
While specific exploit code is not publicly available, a conceptual example of how an attacker might exploit this vulnerability is as follows:
In this example, an attacker with low-level credentials sends a POST request to modify device settings that should be restricted to higher-privileged users.
Potential Risks
-
Unauthorized modification of device configurations
-
Execution of privileged operations without proper authorization
-
Potential disruption of device functionality
-
Exposure of sensitive operational data
Mitigation Recommendations
-
Update Firmware: Bosch Rexroth has released NEXO-OS V1500-SP3, which addresses this vulnerability. Users should update their devices to this version promptly.Nozomi Networks+2Bosch PSIRT+2Bosch Rexroth Global+2
-
Network Segmentation: Operate affected devices within protected network segments to limit exposure to potential attackers.Bosch PSIRT
-
Access Controls: Implement strict access control measures, ensuring only authorized personnel can interact with the devices.
-
Monitor Logs: Regularly review device logs for any unauthorized access attempts or unusual activities.
Conclusion
CVE-2023-48252 highlights the importance of proper authorization mechanisms in industrial devices. By exploiting this vulnerability, attackers can perform unauthorized actions, potentially compromising the integrity and functionality of critical equipment. Timely firmware updates and robust security practices are essential to mitigate such risks.
References
-
[Tenable – CVE-2023-48252](https://www.tenable.com/cve/C