#VU47171 Command Injection in mymbCONNECT24 and mbCONNECT24
Vulnerability identifier: #VU47171
Vulnerability risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-77
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
mymbCONNECT24
Server applications /
SCADA systems
mbCONNECT24
Server applications /
SCADA systems
Vendor: MB connect line
Description
The vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation. A remote unauthenticated attacker can use an outdated and unused third-party software bundled with the software and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
mymbCONNECT24: 2.6.1
mbCONNECT24 : 2.6.1
External links
http://ics-cert.us-cert.gov/advisories/icsa-20-273-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
