SB2019120603 - Multiple vulnerabilities in Weidmüller Industrial Ethernet Switches

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019120603

SB2019120603 - Multiple vulnerabilities in Weidmüller Industrial Ethernet Switches

Published: December 6, 2019

Security Bulletin ID SB2019120603
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 40% Medium 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Predictable from Observable State (CVE-ID: CVE-2019-16674)

The vulnerability allows a remote attacker to gain access to admin password.

The vulnerability exists due authentication information used in a cookie is predictable. A remote attacker can compromise the admin password when captured on the network.


2) Unprotected Storage of Credentials (CVE-ID: CVE-2019-16673)

The vulnerability allows a remote attacker to gain access to other users' credentials.

The vulnerability exists due to application stored credentials in plain text in a configuration file on the system. A remote attacker with access to the device can view contents of the configuration file and gain access to passwords for 3rd party integration.


3) Cleartext Transmission of Sensitive Information (CVE-ID: CVE-2019-16672)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to software uses insecure communication channel to transmit sensitive information. A remote attacker with ability to intercept network traffic can gain access to credentials data.


4) Resource exhaustion (CVE-ID: CVE-2019-16671)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation. A remote authenticated attacker can send a specially crafted packet, trigger resource exhaustion and cause a denial of service condition on the target system.


5) Improper Restriction of Excessive Authentication Attempts (CVE-ID: CVE-2019-16670)

The vulnerability allows a remote attacker to gain access to the system.

The vulnerability exists due to the authentication mechanism has no brute-force prevention. A remote attacker can launch a brute-force authentication attack and gain access to the target system.


Remediation

Install update from vendor's website.

References