CVE-2023-49899
X-Rite · MA-T6
An origin validation error in the X-Rite MA-T6 device allows unauthenticated remote attackers to execute arbitrary commands on the affected hardware.
Executive summary
An unauthenticated remote command execution vulnerability in X-Rite MA-T6 devices allows attackers to seize control of the hardware due to improper origin validation.
Vulnerability
The device fails to correctly verify the origin of communication channels, allowing an unauthenticated remote attacker to send malicious requests. This results in the ability to execute arbitrary commands on the target device.
Business impact
With a CVSS score of 9.8, this vulnerability poses a severe threat to the physical and digital security of the device. An attacker can gain full control over the hardware, leading to potential operational disruption or the use of the device as a pivot point within the internal network.
Remediation
Immediate Action: Update the X-Rite MA-T6 firmware to version 2.33 or later.
Proactive Monitoring: Monitor network traffic to and from the device for anomalous command sequences or unauthorized connection attempts.
Compensating Controls: If a firmware update cannot be applied immediately, isolate the device behind a firewall and restrict access to authorized management IP addresses only.
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
The ability for an unauthenticated attacker to execute arbitrary commands makes this an extremely high-risk issue. All affected X-Rite MA-T6 units must be patched immediately to prevent unauthorized access and potential persistent system compromise.