Multiple vulnerabilities in ProMinent MultiFLEX M10a Controller
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2017-14013 CVE-2017-14007 CVE-2017-14011 CVE-2017-14009 CVE-2017-14005 |
| CWE-ID | CWE-602 CWE-613 CWE-352 CWE-200 CWE-620 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
MultiFLEX M10a Controller Hardware solutions / Firmware |
| Vendor | ProMinent |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Security restrictions bypass
EUVDB-ID: #VU8821
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-14013
CWE-ID:
CWE-602 - Client-Side Enforcement of Server-Side Security
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to the log out function in the application removes the user’s session only
on the client side. A remote attacker can bypass protection mechanisms, gain elevated privileges, or assume the identity of an authenticated user.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
MultiFLEX M10a Controller: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-17-285-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Security restrictions bypass
EUVDB-ID: #VU8822
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-14007
CWE-ID:
CWE-613 - Insufficient Session Expiration
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to the user’s session is available for an extended period beyond the last activity. A remote attacker can bypass protection mechanisms and reuse an old session for authorization.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
MultiFLEX M10a Controller: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-17-285-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cross-site request forgery
EUVDB-ID: #VU8823
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-14011
CWE-ID:
CWE-352 - Cross-Site Request Forgery (CSRF)
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to perform CSRF attack.
The weakness exists due to a lack of cross-site request forgery (CSRF) protection. A remote attacker can create a specially crafted HTML page or URL, trick the victim into visiting it, gain access to the system and perform arbitrary actions.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
MultiFLEX M10a Controller: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-17-285-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU8824
Risk: Low
CVSSv3.1: 6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-14009
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.
The weakness exists due to the current password for the user is specified in plaintext. A remote attacker can use the “Change Password” feature on the application and gain access to the password.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
MultiFLEX M10a Controller: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-17-285-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Unverified Password Change
EUVDB-ID: #VU8825
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-14005
CWE-ID:
CWE-620 - Unverified Password Change
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to change password on the target system.
The weakness exists due to the application does not require the user to know the original password when setting a new password. A remote attacker can change a user’s password, enabling future access and possible configuration changes.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
MultiFLEX M10a Controller: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-17-285-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
