CVE-2023-29492 (GCVE-0-2023-29492)

Vulnerability from cvelistv5 – Published: 2023-04-11 00:00 – Updated: 2025-10-21 23:05
VLAI CISA KEVIntel
Summary
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data.
Severity
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SSVC
Exploitation: active Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • n/a
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
Vendor Product Version
novisurvey novi_survey Affected: 0 , < 8.9.43676 (custom)
    cpe:2.3:a:novisurvey:novi_survey:*:*:*:*:*:*:*:*
 Create a notification for this product.
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 615674bd-9447-4395-bc1b-1547a08a9341

Vulnerability ID: CVE-2023-29492

Status: Confirmed

Status Updated: 2023-04-13 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2023-04-13
Asserted: 2023-04-13
Scope
Notes: KEV entry: Novi Survey Insecure Deserialization Vulnerability | Affected: Novi Survey / Novi Survey | Description: Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account. | Required action: Apply updates per vendor instructions. | Due date: 2023-05-04 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx; https://nvd.nist.gov/vuln/detail/CVE-2023-29492
Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details
Cwes CWE-94
Feed CISA Known Exploited Vulnerabilities Catalog
Product Novi Survey
Due Date 2023-05-04
Date Added 2023-04-13
Vendorproject Novi Survey
Vulnerabilityname Novi Survey Insecure Deserialization Vulnerability
Knownransomwarecampaignuse Unknown
References
Created: 2026-02-02 12:27 UTC | Updated: 2026-02-06 07:17 UTC
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 4e31d589-645c-4dde-9e95-f0f4759dd584

Vulnerability ID: CVE-2023-29492

Status: Confirmed

Status Updated: 2023-04-13 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2023-04-13
Asserted: 2023-04-13
Scope
Notes: KEVIntel entry: Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not... | Affected: Novi Survey / Novi Survey | CVSS: 9.8 (CRITICAL) | Used in malware: unknown | Not yet in CISA KEV: False
Evidence

Type: Public Report

Signal: Successful Exploitation

Confidence: 70%

Source: kevintel

Details
Feed KEVIntel (kevintel.com)
Title Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not...
Vendor Novi Survey
Product Novi Survey
Added Date 2023-04-13T00:00:00.000Z
Cvss Score 9.8
Epss Score None
Cvss Severity CRITICAL
Epss Percentile None
Used In Malware unknown
Ahead Of Cisa Kev None
Not Yet In Cisa Kev False
References
Created: 2026-06-19 12:46 UTC | Updated: 2026-06-19 12:46 UTC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:07:46.158Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:novisurvey:novi_survey:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "novi_survey",
            "vendor": "novisurvey",
            "versions": [
              {
                "lessThan": "8.9.43676",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-29492",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-27T22:19:16.192249Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-04-13",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29492"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:05:49.479Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29492"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2023-04-13T00:00:00.000Z",
            "value": "CVE-2023-29492 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-11T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-29492",
    "datePublished": "2023-04-11T00:00:00.000Z",
    "dateReserved": "2023-04-07T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:05:49.479Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2023-29492",
      "cwes": "[\"CWE-94\"]",
      "dateAdded": "2023-04-13",
      "dueDate": "2023-05-04",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx; https://nvd.nist.gov/vuln/detail/CVE-2023-29492",
      "product": "Novi Survey",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.",
      "vendorProject": "Novi Survey",
      "vulnerabilityName": "Novi Survey Insecure Deserialization Vulnerability"
    },
    "epss": {
      "cve": "CVE-2023-29492",
      "date": "2026-06-22",
      "epss": "0.0269",
      "percentile": "0.83925"
    },
    "fkie_nvd": {
      "cisaActionDue": "2023-05-04",
      "cisaExploitAdd": "2023-04-13",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Novi Survey Insecure Deserialization Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:3rdmill:novi_survey:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.9.43676\", \"matchCriteriaId\": \"C1D0E9E5-7AEA-4606-95EF-1A5909DCCFD2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data.\"}]",
      "id": "CVE-2023-29492",
      "lastModified": "2024-11-21T07:57:10.087",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2023-04-11T05:15:07.393",
      "references": "[{\"url\": \"https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-29492\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-04-11T05:15:07.393\",\"lastModified\":\"2025-10-27T14:56:50.397\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2023-04-13\",\"cisaActionDue\":\"2023-05-04\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Novi Survey Insecure Deserialization Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:3rdmill:novi_survey:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.9.43676\",\"matchCriteriaId\":\"C1D0E9E5-7AEA-4606-95EF-1A5909DCCFD2\"}]}]}],\"references\":[{\"url\":\"https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29492\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T14:07:46.158Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-29492\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-27T22:19:16.192249Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-04-13\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29492\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:novisurvey:novi_survey:*:*:*:*:*:*:*:*\"], \"vendor\": \"novisurvey\", \"product\": \"novi_survey\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"8.9.43676\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-04-13T00:00:00.000Z\", \"value\": \"CVE-2023-29492 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29492\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-13T17:23:57.565Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2023-04-11T00:00:00.000Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-29492\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:05:49.479Z\", \"dateReserved\": \"2023-04-07T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-04-11T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.