Main Vulnerability Database Vulnerabilities #VU16230

Authentication bypass in SDS 1202X-E - #VU16230

Published: December 4, 2018

Vulnerability identifier: #VU16230

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-592

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Siglent Technology

Affected software:
SDS 1202X-E

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass authentication on the affected system.

The vulnerability exists due to the software “EasyScopeX” can be used from any computer in the network to configure and interact with the oscilloscope. A remote unauthenticated attacker can bypass authentication and change settings on the oscilloscope.

Remediation

Cybersecurity Help is currently unaware of any official solutions to address the vulnerability.

Sources

https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-siglent-technologies-sds-...

Authentication bypass in SDS 1202X-E - #VU16230

Detailed vulnerability description

Remediation

Sources

Please verify you're human