Authentication bypass in iDoors Reader

Published: 2019-07-02

Risk	Medium
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2019-5964
CWE-ID	CWE-288
Exploitation vector	Local network
Public exploit	N/A
Vulnerable software Subscribe	iDoors Reader Mobile applications / Apps for mobile phones
Vendor	A.T.WORKS, Inc.

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Authentication bypass using an alternate path or channel

EUVDB-ID: #VU18948

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-5964

CWE-ID: CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Exploit availability: No

Description

The vulnerability allows an attacker to operate the product.

The vulnerability exist due to improper implementation of the authentication process. An attacker on the local network can bypass authentication process and gain unrestricted access to management console.

Successful exploitation of the vulnerability may allow an attacker to change the device settings, reset the administrator account, and use the management screen.

Mitigation

To get an updated version, please contact a vendor at the following email address:

sales2@atworks.co.jp

Vulnerable software versions

iDoors Reader: before 2.10.17

External links

http://idoors.jp/?info=idoors%e3%83%aa%e3%83%bc%e3%83%80%e3%81%ab%e3%81%8a%e3%81%91%e3%82%8b%e8%aa%...

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to perform certain actions on the device.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.