Multiple vulnerabilities in Secomea GateManager
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2020-14500 CVE-2020-14508 CVE-2020-14510 CVE-2020-14512 |
| CWE-ID | CWE-158 CWE-193 CWE-798 CWE-916 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
GateManager Server applications / Remote access servers, VPN |
| Vendor | Secomea |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Improper Neutralization of Null Byte or NUL Character
EUVDB-ID: #VU32887
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-14500
CWE-ID:
CWE-158 - Improper Neutralization of Null Byte or NUL Character
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to overwrite arbitrary data.
The vulnerability exists due to the affected software does not neutralize or incorrectly neutralizes NUL characters or null bytes when they are sent to a downstream component. A remote attacker can send a negative value and overwrite arbitrary data on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGateManager: 9.2b
CPE2.3 External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-210-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Off-by-one
EUVDB-ID: #VU32888
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-14508
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an off-by-one error. A remote attacker can trigger an off-by-one error and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGateManager: 9.2b
CPE2.3 External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-210-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use of hard-coded credentials
EUVDB-ID: #VU32889
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-14510
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to presence of hard-coded credentials in application code. A remote unauthenticated attacker can access the affected system using the hard-coded credentials.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGateManager: 9.2b
CPE2.3 External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-210-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use of Password Hash With Insufficient Computational Effort
EUVDB-ID: #VU32890
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-14512
CWE-ID:
CWE-916 - Use of Password Hash With Insufficient Computational Effort
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the affected product uses a weak hash type. A remote attacker can view user passwords.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGateManager: 9.2b
CPE2.3 External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-210-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
