SB2019020613 - Multiple vulnerabilities in Kunbus PR100088 Modbus Gateway
Published: February 6, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 vulnerabilities.
1) Improper authentication (CVE-ID: CVE-2019-6527)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to bypass authentication.
The vulnerability exists due to improper authentication. A remote attacker can bypass authentication and change the password for an admin user who is currently or previously logged in, provided the device has not been restarted.
2) Missing authentication for critical function (CVE-ID: CVE-2019-6533)
CWE-ID: CWE-306 - Missing Authentication for Critical Function
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to bypass authentication.
The vulnerability exists due to missing authentication for critical function. A remote attacker can read and write registers used to store Modbus values from the web interface without authentication.
3) Improper input validation (CVE-ID: CVE-2019-6529)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote high-privileged attacker to cause DoS condition.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can supply a specially crafted FTP request and crash the device.
Remediation
Install update from vendor's website.