Multiple vulnerabilities in Ypsomed mylife



Published: 2021-07-16
Risk Medium
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2021-27491, CVE-2021-27495, CVE-2021-27499, CVE-2021-27503
CWE-ID CWE-522, CWE-329, CWE-798
Exploitation vector Network
Public exploit N/A
Vulnerable software
Ypsomed mylife Cloud
Client/Desktop applications / Other client software

Ypsomed mylife App
Mobile applications / Apps for mobile phones

Vendor

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Insufficiently protected credentials

EUVDB-ID: #VU54919

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-27491

CWE-ID: CWE-522 - Insufficiently Protected Credentials

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to insufficiently protected credentials. A remote attacker can disclose password hashes during the registration process.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Ypsomed mylife Cloud: before 1.7.2

Ypsomed mylife App: before 1.7.5

External links

http://ics-cert.us-cert.gov/advisories/icsma-21-196-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Insufficiently protected credentials

EUVDB-ID: #VU54920

Risk: Medium

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-27495

CWE-ID: CWE-522 - Insufficiently Protected Credentials

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists because the affected software reflects the user's password during the login process after redirecting the user from an HTTPS endpoint to an HTTP endpoint. A remote authenticated attacker can disclose sensitive information on the target system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Ypsomed mylife Cloud: before 1.7.2

Ypsomed mylife App: before 1.7.5

External links

http://ics-cert.us-cert.gov/advisories/icsma-21-196-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Not Using an Unpredictable IV with CBC Mode

EUVDB-ID: #VU54921

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-27499

CWE-ID: CWE-329 - Not Using an Unpredictable IV with CBC Mode

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists because the application-layer encryption of the communication protocol between the Ypsomed mylife App and the mylife Cloud uses non-random IVs. A remote attacker can perform a man-in-the-middle attack to tamper with messages.
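The advisory does not name the cipher or message format, so the following is an added illustration (not Ypsomed's code) that assumes AES-256-CBC as a stand-in for the application-layer encryption and uses constructed demo keys: the weak pattern (constant IV, no integrity tag) sits beside a corrected one (fresh random IV per message, encrypt-then-MAC with HMAC-SHA256 verified before decryption), so that a tampered or replayed message is rejected rather than decrypted. The hard-coded key literals exist only to keep the demo self-contained; entry 4 of this bulletin describes why they must not appear in shipped code.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
)

// Constructed demo keys; a real deployment derives them per session and never hard-codes them.
var encKey, macKey = []byte("0123456789abcdef0123456789abcdef"), []byte("fedcba9876543210fedcba9876543210")
// cbc runs AES-256-CBC over whole 16-byte blocks; padding is out of scope for this demo.
func cbc(iv, in []byte, encrypt bool) []byte {
	block, _ := aes.NewCipher(encKey) // 32-byte key, cannot fail
	out := make([]byte, len(in))
	if encrypt {
		cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, in)
	} else {
		cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, in)
	}
	return out
}
// tag is HMAC-SHA256 over iv||ct, so a modified IV is caught as well as a modified ciphertext.
func tag(iv, ct []byte) []byte {
	m := hmac.New(sha256.New, macKey)
	m.Write(iv)
	m.Write(ct)
	return m.Sum(nil)
}
// Flawed scheme (constant IV, no tag): equal messages give equal ciphertext, and a bit flipped
// in ciphertext block i flips the same bit of plaintext block i+1 with no error raised.
func SealWeak(msg []byte) []byte { return cbc(make([]byte, 16), msg, true) }
func OpenWeak(ct []byte) []byte  { return cbc(make([]byte, 16), ct, false) }
// Corrected scheme: fresh random IV per message, encrypt-then-MAC; wire format is iv||ct||tag.
func SealStrong(msg []byte) []byte {
	iv := make([]byte, 16)
	if _, err := rand.Read(iv); err != nil { panic(err) }
	ct := cbc(iv, msg, true)
	return append(append(iv, ct...), tag(iv, ct)...)
}
// OpenStrong verifies the tag in constant time before decrypting; any altered byte yields ok=false.
func OpenStrong(blob []byte) (msg []byte, ok bool) {
	if len(blob) < 48 || (len(blob)-48)%16 != 0 { return nil, false } // malformed length
	iv, ct, t := blob[:16], blob[16:len(blob)-32], blob[len(blob)-32:]
	if !hmac.Equal(t, tag(iv, ct)) {
		return nil, false
	}
	return cbc(iv, ct, false), true
}
```

A receiver that checks the tag over both IV and ciphertext before decrypting is the mitigation that makes the man-in-the-middle tampering described above detectable; an unpredictable IV alone fixes the equality leak but not the malleability.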

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Ypsomed mylife Cloud: before 1.7.2

Ypsomed mylife App: before 1.7.5

External links

http://ics-cert.us-cert.gov/advisories/icsma-21-196-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use of hard-coded credentials

EUVDB-ID: #VU54922

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-27503

CWE-ID: CWE-798 - Use of Hard-coded Credentials

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain full access to the vulnerable system.

The vulnerability exists due to the presence of hard-coded credentials in the application code. A remote unauthenticated attacker can perform a man-in-the-middle attack to tamper with messages.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Ypsomed mylife Cloud: before 1.7.2

Ypsomed mylife App: before 1.7.5

External links

http://ics-cert.us-cert.gov/advisories/icsma-21-196-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
