SB2018101905 - Multiple vulnerabilities in Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App
Published: October 19, 2018
Security Bulletin ID
SB2018101905
Severity
Low
Patch available
NO
Number of vulnerabilities
4
Exploitation vector
Remote access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Use of hardcoded credentials (CVE-ID: CVE–2018-5399)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.The weakness exists due to use of an undocumented Dropbear SSH server with a hardcoded username and password. A remote attacker can crack the password.
2) Origin validation error (CVE-ID: CVE–2018-5400)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.The weakness exists due to origin validation error when the Auto-Maskin products utilize an undocumented custom protocol. A remote attacker can bypass security restrictions to set up Modbus communications with other devices without validating those devices.
3) Cleartext transmission of sensitive information (CVE-ID: CVE–2018-5401)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.The weakness exists due to devices transmit process control information via unencrypted Modbus communications. A remote attacker can gain access to arbitrary data.
4) Cleartext transmission of sensitive information (CVE-ID: CVE–2018-5402)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.The weakness exists due to the embedded webserver uses unencrypted plaintext for the transmission of the administrator PIN. A remote attacker can gain access to arbitrary data.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.