Multiple vulnerabilities in Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE–2018-5399 CVE–2018-5400 CVE–2018-5401 CVE–2018-5402 |
| CWE-ID | CWE-798 CWE-346 CWE-319 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Auto-Maskin Hardware solutions / Firmware Auto-Maskin Marin Pro Hardware solutions / Firmware Auto-Maskin Marine Pro Observer Mobile applications / Apps for mobile phones |
| Vendor | Auto-Maskin |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Use of hardcoded credentials
EUVDB-ID: #VU15428
Risk: Low
CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE–2018-5399
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to use of an undocumented Dropbear SSH server with a hardcoded username and password. A remote attacker can crack the password.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versionsAuto-Maskin: DCU 210E
External linkshttp://www.kb.cert.org/vuls/id/176301
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Origin validation error
EUVDB-ID: #VU15429
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE–2018-5400
CWE-ID:
CWE-346 - Origin Validation Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to origin validation error when the Auto-Maskin products utilize an undocumented custom protocol. A remote attacker can bypass security restrictions to set up Modbus communications with other devices without validating those devices.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versionsAuto-Maskin Marine Pro Observer: All versions
Auto-Maskin Marin Pro: All versions
External linkshttp://www.kb.cert.org/vuls/id/176301
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cleartext transmission of sensitive information
EUVDB-ID: #VU15430
Risk: Low
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE–2018-5401
CWE-ID:
CWE-319 - Cleartext Transmission of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to devices transmit process control information via unencrypted Modbus communications. A remote attacker can gain access to arbitrary data.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versionsAuto-Maskin Marine Pro Observer: All versions
Auto-Maskin Marin Pro: All versions
External linkshttp://www.kb.cert.org/vuls/id/176301
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cleartext transmission of sensitive information
EUVDB-ID: #VU15431
Risk: Low
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE–2018-5402
CWE-ID:
CWE-319 - Cleartext Transmission of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to the embedded webserver uses unencrypted plaintext for the transmission of the administrator PIN. A remote attacker can gain access to arbitrary data.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versionsAuto-Maskin: All versions
External linkshttp://www.kb.cert.org/vuls/id/176301
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
