Horizon Alert
Summary of the vulnerability and why it matters
A serious flaw in Smartpower Web allows unauthorized users to read or modify sensitive system files. This could lead to significant disruption of energy and control operations if exploited.
- Can affect systems reachable from the internet.
- Allows attackers to take control.
Attack Path
How an attacker could exploit the issue
An attacker could exploit this vulnerability to read sensitive files on the server or execute arbitrary code. Since the vulnerability is in a web application, an attacker could exploit it remotely without any authentication or prior access.
- Remote exploitation
- No authentication required
- Targets web application interface
Live Threat
Current exploitation, exposure, and threat context
This Local File Inclusion vulnerability in Smartpower Web, rated CRITICAL, presents a significant risk due to its network-accessible nature and lack of authentication requirements. Attackers are likely to target this because it allows for the retrieval of sensitive system files without prior access, potentially leading to further system compromise. The ease of exploitation and broad impact make it an attractive target for various threat actors.
- PHP LFI can lead to remote code execution.
- No authentication required for exploitation.
- Affects energy and control systems.
Priority actions
Operational Fix
Recommended remediation, mitigation, and detection steps
Prioritize identifying and isolating affected Smartpower Web instances to prevent potential remote code execution or unauthorized access. Given the critical severity and network attack vector, immediate action is required if exploitation is suspected. Focus on validating the presence of this vulnerability on your network and taking steps to mitigate risk.
- Block or restrict network access.
- Update to version 23.01.01 or later.
- Monitor for suspicious file access.
