JVNVU#90953541
BUFFALO LinkStation 200 series vulnerable to arbitrary code execution
Overview
LinkStation 200 series provided by BUFFALO INC. contains an arbitrary code execution vulnerability due to insufficient verification of data authenticity.
Products Affected
- LS210D series Ver. 1.08 and earlier
- LS220D series Ver. 1.08 and earlier
- LS220DR series Ver. 1.08 and earlier
- LS220DB series Ver. 1.08 and earlier
Description
LinkStation 200 series provided by BUFFALO INC. is a network attached storage (NAS).
LinkStation 200 series contains an arbitrary code execution vulnerability (CWE-354, CVE-2023-51073) due to insufficient verification of data authenticity during firmware update.
Impact
A remote attacker may execute arbitrary code with root privilege via a man-in-the-middle attack.
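As an added illustration of the weakness class named above (CWE-354, insufficient verification of data authenticity) and of its mitigation, not code from BUFFALO INC. or from the product itself, the following Go program contrasts an integrity-only digest check with signature verification under a vendor key pinned in the device. The update flow, the Ed25519 scheme and the sample images are assumptions made for the example; the page does not describe the product's actual update mechanism.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// ErrUntrustedImage: the image did not verify under the key pinned in the device.
var ErrUntrustedImage = errors.New("firmware rejected: signature does not verify under pinned vendor key")

// UpdatePackage is what the device fetches: image plus detached signature.
// Over a hostile network path, both fields are attacker-controlled.
type UpdatePackage struct {
	Image     []byte
	Signature []byte
}

// HashOnlyCheck models the CWE-354 weakness: a digest delivered alongside the
// image. A man-in-the-middle who swaps the image recomputes the digest, so this
// check says nothing about where the image came from.
func HashOnlyCheck(image []byte, digest [32]byte) bool {
	return sha256.Sum256(image) == digest
}

// VerifyFirmware is the authenticity check the weak flow lacks: the signature
// must verify under a vendor public key pinned in the device at manufacture,
// never under a key that arrives with the package.
func VerifyFirmware(pinned ed25519.PublicKey, pkg UpdatePackage) error {
	if !ed25519.Verify(pinned, pkg.Image, pkg.Signature) {
		return ErrUntrustedImage
	}
	return nil
}

// SignFirmware is the vendor build-server step; the private key never leaves the vendor.
func SignFirmware(priv ed25519.PrivateKey, image []byte) UpdatePackage {
	return UpdatePackage{Image: image, Signature: ed25519.Sign(priv, image)}
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // stands in for the key pinned at manufacture
	genuine := SignFirmware(priv, []byte("constructed sample firmware image"))
	// On-path tampering: the image is replaced and the accompanying digest recomputed.
	tampered := UpdatePackage{Image: []byte("constructed tampered image"), Signature: genuine.Signature}
	fmt.Println("hash-only check accepts tampered image:", HashOnlyCheck(tampered.Image, sha256.Sum256(tampered.Image)))
	fmt.Println("signature check, genuine image:", VerifyFirmware(pub, genuine))
	fmt.Println("signature check, tampered image:", VerifyFirmware(pub, tampered))
}
```

The device-side decision must depend only on the pinned key and the fetched bytes; any metadata that travels with the package, digests included, is under the same attacker's control as the image.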
Solution
Update the Firmware
Update the firmware to the latest version according to the information provided by the developer.
Vendor Status
Vendor | Status | Last Update | Vendor Notes
---|---|---|---
BUFFALO INC. | Vulnerable | 2024/03/22 | BUFFALO INC. website
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
CVSS v3 base metrics assessed: Attack Vector (AV), Attack Complexity (AC), Privileges Required (PR), User Interaction (UI), Scope (S), Confidentiality Impact (C), Integrity Impact (I), Availability Impact (A).
Comment
The analysis evaluates "Integrity Impact (I)" as the primary impact, since the affected product is tricked into downloading and executing crafted firmware data.
Credit
BUFFALO INC. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.