Main Vulnerability Database Vulnerabilities #VU7603

Security restrictions bypass in Mirion Technologies products - CVE-2017-9645

Published: July 31, 2017

Vulnerability identifier: #VU7603

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2017-9645

CWE-ID: CWE-326

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vendor: Mirion Technologies

Affected software:
MESH Repeater
Telepole II
External Transmitters
RDS Based Boundary Monitors
DRM Based Boundary Monitors
Solar PWR
DRM-1/2б
RSD31-AM
RDS-31 iTX
iPam Transmitter f/DMC 2000
DMC 3000 Transmitter Module

Detailed vulnerability description

The vulnerability allows an adjacent attacker to bypass security restrictions on the target system.

The weakness exists due to use inadequate encryption strength. An adjacent attacker can decrypt data at the hardware level.

How to mitigate CVE-2017-9645

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Sources

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02

Security restrictions bypass in Mirion Technologies products - CVE-2017-9645

Detailed vulnerability description

How to mitigate CVE-2017-9645

Sources

Please verify you're human