CVE-2023-27482 : homeassistant is an open source home automation tool. A remotely exploitable vul

homeassistant is an open source home automation tool. A remotely exploitable vulnerability bypassing authentication for accessing the Supervisor API through Home Assistant has been discovered. This impacts all Home Assistant installation types that use the Supervisor 2023.01.1 or older. Installation types, like Home Assistant Container (for example Docker), or Home Assistant Core manually in a Python environment, are not affected. The issue has been mitigated and closed in Supervisor version 2023.03.1, which has been rolled out to all affected installations via the auto-update feature of the Supervisor. This rollout has been completed at the time of publication of this advisory. Home Assistant Core 2023.3.0 included mitigation for this vulnerability. Upgrading to at least that version is thus advised. In case one is not able to upgrade the Home Assistant Supervisor or the Home Assistant Core application at this time, it is advised to not expose your Home Assistant instance to the internet.

Published 2023-03-08 18:15:12

Updated 2023-05-17 23:15:09

Source GitHub, Inc.

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Products affected by CVE-2023-27482

Home-assistant » Home-assistant
Versions before (<) 2023.3.0
cpe:2.3:a:home-assistant:home-assistant:*:*:*:*:*:*:*:*
Matching versions
Home-assistant » Supervisor
Versions before (<) 2023.03.1
cpe:2.3:a:home-assistant:supervisor:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-27482

EPSS FAQ

85.95%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 99 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-27482

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H	3.9	6.0	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High
10.0	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H	3.9	6.0	GitHub, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2023-27482

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Assigned by: security-advisories@github.com (Primary)

References for CVE-2023-27482

https://github.com/home-assistant/core/security/advisories/GHSA-2j8f-h4mr-qr25

Authentication bypass Supervisor API · Advisory · home-assistant/core · GitHub
Vendor Advisory
https://www.elttam.com/blog/pwnassistant/

PwnAssistant - Controlling /home's via a Home Assistant RCE
https://www.home-assistant.io/blog/2023/03/08/supervisor-security-disclosure/

Disclosure: Supervisor security vulnerability - Home Assistant
Issue Tracking;Vendor Advisory
https://github.com/elttam/publications/blob/master/writeups/home-assistant/supervisor-authentication-bypass-advisory.md

publications/supervisor-authentication-bypass-advisory.md at master · elttam/publications · GitHub

Jump to

Vulnerability Details : CVE-2023-27482

Products affected by CVE-2023-27482

Exploit prediction scoring system (EPSS) score for CVE-2023-27482

CVSS scores for CVE-2023-27482

CWE ids for CVE-2023-27482

References for CVE-2023-27482