Vulnerability identifier: #VU16229
Vulnerability risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID:
CWE-ID: CWE-259
Exploitation vector: Network
Exploit availability: No
Vulnerable software: SDS 1202X-E (Hardware solutions / Firmware)
Vendor: Siglent Technology
Description
The vulnerability allows a remote attacker to gain full access to the affected system.
The vulnerability exists because the password hashes are hardcoded and are difficult to change: the "shadow" file is stored on a cramfs (intentionally read-only) file system. A remote unauthenticated attacker can connect as root to the oscilloscope via LAN when the Telnet service is listening on port 23.
Mitigation
Cybersecurity Help is currently unaware of any official solutions to address the vulnerability.
Vulnerable software versions
SDS 1202X-E: 5.1.3.13
External links
http://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-siglent-technologies-sds-...
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.