
Bookreen allows attackers to take control of systems by uploading malicious files.

CVE advisory

Severity: HIGH (CVSS 7.2)

CVE-2023-3375

An external attacker could exploit Unisign Bookreen by uploading a malicious file, allowing them to run system commands and potentially gain unauthorized control. This matters because it could lead to complete compromise of the affected system.

Halo Surface Signal score: 2

Weakness: Unrestricted File Upload

Product: Bookreen

Affected versions: before 3.0.0

External exposure likelihood

Halo Surface Signal score for CVE-2023-3375

Unisign Bookreen is a workspace scheduling platform designed for enterprise office management. While it is a network-reachable web application, it is intended for internal organizational use to coordinate desk and room bookings. On-premises deployments are typically hosted behind internal firewalls, corporate intranets, or VPN controls, making public internet exposure uncommon.

Horizon Alert

Summary of the vulnerability and why it matters

This vulnerability in Unisign Bookreen allows OS command injection through the upload of a malicious file: an attacker could use it to run unauthorized commands on the underlying system.

  • It can allow unauthorized command execution.
  • Affects Bookreen versions before 3.0.0.
  • Requires existing access to exploit.

Attack Path

How an attacker could exploit the issue

An attacker with authenticated access to Bookreen could exploit this flaw by uploading a malicious file, which the application then executes, leading to command injection on the server. This allows the attacker to run arbitrary operating system commands, potentially compromising the entire Bookreen environment and any data it holds.

  • Requires authenticated access.
  • Upload feature is vulnerable.
  • Server-side execution of uploaded file.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability, an unrestricted file upload that leads to OS command injection, is serious, but whether it will be weaponized soon is uncertain. The technical means to exploit it exist and successful exploitation can compromise the system, but because the application is an internal enterprise management tool it is a less attractive target for widespread, opportunistic attacks; attackers might prefer vulnerabilities in more broadly exposed or consumer-facing software.

  • Exploitation not observed.
  • No public exploits available.
  • Application likely internal-facing.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize actions to detect and block exploitation of the unrestricted file upload vulnerability in Bookreen, which can lead to OS command injection. Focus on identifying any signs of compromise and assessing the scope of affected systems.

  • Block untrusted file uploads.
  • Monitor network traffic for suspicious commands.
  • Update Bookreen to version 3.0.0 or later.
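As an added illustration of the "block untrusted file uploads" control, the validator below is example code written for this page, not Bookreen's own upload handling: it enforces an allowlist of permitted types (an assumed set), checks that the content matches the declared type, rejects multi-extension and traversal names, and never reuses the client-supplied name on disk.

```python
import os
import re
import secrets

# Assumed allowlist for a booking application (not Bookreen's real policy):
# each permitted extension maps to the magic bytes the content must start with.
ALLOWED_TYPES = {
    "png": [b"\x89PNG\r\n\x1a\n"],
    "jpg": [b"\xff\xd8\xff"],
    "jpeg": [b"\xff\xd8\xff"],
    "pdf": [b"%PDF-"],
}


class UploadRejected(ValueError):
    """Raised when an upload fails any of the checks below."""


def validate_upload(client_filename: str, content: bytes) -> str:
    """Return a safe server-side filename for an accepted upload, or raise."""
    # 1. Drop any client-supplied directory component (path traversal).
    base = os.path.basename(client_filename.replace("\\", "/"))
    if base in ("", ".", ".."):
        raise UploadRejected("empty or traversal filename")
    # 2. Require exactly <name>.<ext>; names like shell.php.png or .htaccess
    #    are rejected because some servers act on the inner extension.
    parts = base.lower().split(".")
    if len(parts) != 2 or not re.fullmatch(r"[a-z0-9_-]+", parts[0]):
        raise UploadRejected("filename must be <name>.<ext> with a simple name")
    ext = parts[1]
    # 3. Allowlist, never denylist: anything not explicitly permitted is rejected.
    if ext not in ALLOWED_TYPES:
        raise UploadRejected(f"extension .{ext} not permitted")
    # 4. The bytes must actually look like the declared type.
    if not any(content.startswith(magic) for magic in ALLOWED_TYPES[ext]):
        raise UploadRejected("content does not match declared type")
    # 5. Store under a random name with the allowlisted extension; the stored
    #    file should also live outside the web root and never be executed.
    return f"{secrets.token_hex(16)}.{ext}"


def is_upload_accepted(client_filename: str, content: bytes) -> bool:
    """Convenience wrapper: True if the upload passes every check."""
    try:
        validate_upload(client_filename, content)
        return True
    except UploadRejected:
        return False
```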

Frequently asked questions

What is Unisign Bookreen and how is it used?

Unisign Bookreen is a workspace scheduling platform designed for enterprise office management. It is used by organizations to coordinate and manage bookings for desks and meeting rooms within their offices.

What kind of vulnerability does CVE-2023-3375 describe?

CVE-2023-3375 is an Unrestricted Upload of File with Dangerous Type vulnerability. This weakness in Unisign Bookreen allows an attacker to upload a malicious file, which can then lead to OS Command Injection, meaning unauthorized commands could be run on the system.

How could an attacker exploit this Bookreen vulnerability?

An attacker would need authenticated access to the Bookreen system. They could then exploit the vulnerability by uploading a malicious file through a feature that doesn't properly restrict file types. The application's subsequent handling of this file could lead to the execution of arbitrary operating system commands on the server.

Who should be concerned about CVE-2023-3375?

Organizations using Unisign Bookreen should be concerned. While the platform is a network-reachable web application, it's typically used internally and hosted behind firewalls, making direct internet exposure unlikely. The Halo Surface Signal indicates a low probability of broad external exposure.

What is the first step for managing this Bookreen threat?

The immediate first step is to update Unisign Bookreen to version 3.0.0 or later. Additionally, it's important to monitor network traffic for suspicious commands and block any untrusted file uploads that could be malicious.
