Vulnerability identifier: #VU46657

Vulnerability risk: Low

CVSSv3.1: 2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-16230

CWE-ID: CWE-942

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
eWON Flexy
Hardware solutions / Routers & switches, VoIP, GSM, etc
eWON Cosy
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: HMS Networks

Description

The vulnerability allows a local user to bypass the CORS protection mechanism.

The vulnerability exists due to incorrect processing of the "Origin" HTTP header that is supplied within HTTP request. A local administrator can supply arbitrary value via the "Origin" HTTP header, bypass implemented CORS protection mechanism and retrieve limited confidential information through sniffing.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

eWON Flexy: All versions

eWON Cosy: All versions

---

External links
http://ics-cert.us-cert.gov/advisories/icsa-20-254-03

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.