Two vulnerabilities in Mirion Technologies Telemetry Enabled Devices



Published: 2017-07-31
Risk: Low
Patch available: NO
Number of vulnerabilities: 2
CVE-ID: CVE-2017-9649, CVE-2017-9645
CWE-ID: CWE-321, CWE-326
Exploitation vector: Local network
Public exploit: N/A
Vulnerable software
MESH Repeater
Hardware solutions / Firmware

Telepole II
Hardware solutions / Firmware

External Transmitters
Hardware solutions / Firmware

RDS Based Boundary Monitors
Hardware solutions / Firmware

DRM Based Boundary Monitors
Hardware solutions / Firmware

Solar PWR
Hardware solutions / Firmware

DRM-1/2б
Hardware solutions / Firmware

RSD31-AM
Hardware solutions / Firmware

RDS-31 iTX
Hardware solutions / Firmware

iPam Transmitter f/DMC 2000
Hardware solutions / Firmware

DMC 3000 Transmitter Module
Hardware solutions / Firmware

Vendor Mirion Technologies

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Security restrictions bypass

EUVDB-ID: #VU7602

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]

CVE-ID: CVE-2017-9649

CWE-ID: CWE-321 - Use of Hard-coded Cryptographic Key

Exploit availability: No

Description

The vulnerability allows an adjacent attacker to bypass security restrictions on the target system.

The weakness exists due to the use of a hard-coded cryptographic key: an unchangeable, factory-set key is included in the 900 MHz transmitter firmware. An adjacent attacker can leverage this to gain access to the system.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

MESH Repeater: All versions

Telepole II: All versions

External Transmitters: All versions

RDS Based Boundary Monitors: All versions

DRM Based Boundary Monitors: All versions

Solar PWR: All versions

DRM-1/2б: All versions

RSD31-AM: All versions

RDS-31 iTX: All versions

iPam Transmitter f/DMC 2000: All versions

DMC 3000 Transmitter Module: All versions

External links

http://ics-cert.us-cert.gov/advisories/ICSA-17-208-02


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Security restrictions bypass

EUVDB-ID: #VU7603

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]

CVE-ID: CVE-2017-9645

CWE-ID: CWE-326 - Inadequate Encryption Strength

Exploit availability: No

Description

The vulnerability allows an adjacent attacker to bypass security restrictions on the target system.

The weakness exists due to the use of inadequate encryption strength. An adjacent attacker can decrypt data at the hardware level.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

MESH Repeater: All versions

Telepole II: All versions

External Transmitters: All versions

RDS Based Boundary Monitors: All versions

DRM Based Boundary Monitors: All versions

Solar PWR: All versions

DRM-1/2б: All versions

RSD31-AM: All versions

RDS-31 iTX: All versions

iPam Transmitter f/DMC 2000: All versions

DMC 3000 Transmitter Module: All versions

External links

http://ics-cert.us-cert.gov/advisories/ICSA-17-208-02


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


