Multiple vulnerabilities in Entes EMG12

Published: 2018-10-02 | Updated: 2018-10-05

Risk	High
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2018-14826 CVE-2018-14822
CWE-ID	CWE-287 CWE-598
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	EMG 12 Hardware solutions / Firmware
Vendor	Entes Electronics

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Improper authentication

EUVDB-ID: #VU15163

Risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14826

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication on the target system.

The vulnerability exists in a web interface due to improper authentication. A remote unauthenticated attacker can a web interface and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update to the latest version.

Vulnerable software versions

EMG 12: All versions

External links

http://ics-cert.us-cert.gov/advisories/ICSA-18-275-03

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU15164

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14822

CWE-ID: CWE-598 - Information Exposure Through Query Strings in GET Request