CVE-2023-6545: VDE-2023-067 | CERT@VDE

The package authelia-bhf included in Beckhoff's TwinCAT/BSD is prone to an open redirect that allows a remote unprivileged attacker to redirect a user to another site. This may have limited impact on integrity and affects solely authelia-bhf, the Beckhoff fork of Authelia.

2023-12-13 08:00 (CET) VDE-2023-067

Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf
Published

2023-12-13 08:00 (CET)

Last update

2023-12-11 14:13 (CET)

Vendor(s)

Beckhoff Automation GmbH & Co. KG

Product(s)

Article No° | Product Name                          | Affected Version(s)
            | authelia-bhf included in TwinCAT/BSD  | < 4.37.5

Summary

On TwinCAT/BSD based products, the HTTPS request to the Authelia login page accepts user-controlled input that specifies a link to an external site.

CVE ID

CVE-2023-6545

Last Update:

Dec. 11, 2023, 11:26 a.m.

Severity

Weakness

URL Redirection to Untrusted Site (‘Open Redirect’) (CWE-601)

Details

Impact

By default, TwinCAT/BSD based products have Authelia installed and configured to perform user authentication for web applications hosted on the target. This installation and configuration is provided by the package named “authelia-bhf”. In the affected versions of the package, Authelia is configured to accept user-controlled input via a URL parameter that specifies a link, and that link can point to an arbitrary external site.
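The usual remediation for a CWE-601 issue of this kind is to validate the redirect target before a login handler honours it. The following Go function is an added example written for this page, not code from Authelia or from the authelia-bhf package; the query parameter name "rd" and the allowlisted hosts are assumptions.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Hosts the login page may send a user back to. Constructed for this example;
// a real deployment would load the list from its configuration.
var trustedHosts = map[string]bool{
	"portal.example.internal": true,
	"hmi.example.internal":    true,
}

// SafeRedirect validates a post-login redirect target taken from a
// user-controlled query parameter (assumed here to be named "rd").
// It returns the target to use and whether it was accepted; on rejection
// the caller should fall back to a fixed default page instead.
func SafeRedirect(raw string) (string, bool) {
	// Browsers treat backslashes like forward slashes; normalise first so the
	// parser sees the same URL the browser will.
	raw = strings.ReplaceAll(raw, `\`, "/")
	u, err := url.Parse(raw)
	if err != nil {
		return "", false
	}
	// Same-origin relative paths are fine, but "//host" and "///host" are
	// resolved by browsers as a new authority, so they are rejected here.
	if u.Scheme == "" && u.Host == "" {
		if strings.HasPrefix(u.Path, "/") && !strings.HasPrefix(u.Path, "//") {
			return u.String(), true
		}
		return "", false
	}
	// Absolute targets must be HTTPS and name an allowlisted host; Hostname()
	// ignores any userinfo, so "trusted@other" cannot masquerade as trusted.
	if u.Scheme != "https" || !trustedHosts[strings.ToLower(u.Hostname())] {
		return "", false
	}
	return u.String(), true
}

func main() {
	for _, in := range []string{"/dashboard", "//other.example/", "https://portal.example.internal/app"} {
		target, ok := SafeRedirect(in)
		fmt.Printf("%-40q accepted=%-5t target=%q\n", in, ok, target)
	}
}
```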

Please note: The sources for the package “authelia-bhf” are a fork of the original open source software “Authelia”. The vulnerability was introduced exclusively in that fork and has been removed there; it never became part of “Authelia” itself.

Solution

Mitigation

Use firewall or web-proxy technology at your network perimeter that allows internal clients to access only trusted external sites directly.

Remediation

Please update to a recent version of the affected product.

Reported by
