Reference:
Advisory #2023-146
Version:
1.0
Affected software:
Atos Unify OpenScape BCF V10 V10R10.12.00.
Atos Unify OpenScape BCF V10 V10R11.05.02.
Atos Unify OpenScape Branch V10 V10R3.4.0.
Atos Unify OpenScape SBC V10 V10R3.4.0.
Type:
Authentication bypass
CVE/CVSS:
CVE-2023-6269: CVSS 10 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
https://networks.unify.com/security/advisories/OBSO-2310-01.pdf
An unauthenticated attacker can bypass the authentication of the web interface and execute arbitrary code on the affected systems. This compromises the confidentiality, integrity, and availability of the systems and of the data they process.
The vulnerability is located in the administrative web interface of the Atos Unify OpenScape products, which is used to configure and manage the systems.
The web interface does not properly validate user input, which allows an attacker to skip the login process without any credentials and run arbitrary code on the system. The vulnerability is critical, and customers should apply the available patch as soon as possible.
This web interface is an attractive target because it may allow an attacker to access sensitive information, modify system settings, disrupt the communication services, and use the compromised system as a pivot point to other trusted systems.
Confidentiality: An attacker can access the system files and data, which may contain sensitive information, such as user credentials, configuration settings, call logs, voice recordings, etc. This may violate the privacy and security of the users and the organizations that use the products.
Integrity: An attacker can modify the system files and data, which may affect the functionality and performance of the products. This may cause errors, malfunctions, or misconfigurations that could compromise the quality and reliability of the communication services.
Availability: An attacker can delete the system files and data, which may render the products unusable or inaccessible. This may cause service disruptions, outages, or denial of service that could affect the availability and continuity of the communication services.
There is currently no evidence that this vulnerability has been actively exploited in the wild, but threat actors are likely to become aware of it and attempt to exploit it.
The Centre for Cyber Security Belgium strongly recommends updating as soon as possible to any of these releases, where applicable:
Workaround and good security practices:
https://networks.unify.com/security/advisories/OBSO-2310-01.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6269