Multiple vulnerabilities in Sharp NEC Display Solutions public displays



Risk: High
Patch available: YES
Number of vulnerabilities: 2
CVE-ID: CVE-2021-20698, CVE-2021-20699
CWE-ID: CWE-77, CWE-119
Exploitation vector: Network
Public exploit: N/A
Vulnerable software (Hardware solutions / Firmware):
UN462A, UN462VA, UN492S, UN492VS, UN552A, UN552S, UN552VS, UN552, UN552V, UX552S, UX552, V864Q, C861Q, P754Q, V754Q, C751Q, V984Q, C981Q, P654Q, V654Q, C651Q, V554Q, P404, P484, P554, V404, V484, V554, V404-T, V484-T, V554-T, C501, C551, C431

Vendor: Sharp NEC Display Solutions

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Command Injection

EUVDB-ID: #VU56693

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-20698

CWE-ID: CWE-77 - Command injection

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary commands on the target system.

The vulnerability exists due to improper input validation. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

UN462A: R1.300

UN462VA: R1.300

UN492S: R1.300

UN492VS: R1.300

UN552A: R1.300

UN552S: R1.300

UN552VS: R1.300

UN552: R1.300

UN552V: R1.300

UX552S: R1.300

UX552: R1.300

V864Q: R2.000

C861Q: R2.000

P754Q: R2.000

V754Q: R2.000

C751Q: R2.000

V984Q: R2.000

C981Q: R2.000

P654Q: R2.000

V654Q: R2.000

C651Q: R2.000

V554Q: R2.000

P404: R3.201

P484: R3.201

P554: R3.201

V404: R3.201

V484: R3.201

V554: R3.201

V404-T: R3.201

V484-T: R3.201

V554-T: R3.201

C501: R2.000

C551: R2.000

C431: R2.000

External links

https://www.sharp-nec-displays.com/global/support/info/A5-1_vulnerability.html
https://jvn.jp/en/jp/JVN42866574/index.html
https://www.sharp-nec-displays.com/dl/en/dp_soft/pd_fm_update/index.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

EUVDB-ID: #VU56694

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-20699

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

UN462A: R1.300

UN462VA: R1.300

UN492S: R1.300

UN492VS: R1.300

UN552A: R1.300

UN552S: R1.300

UN552VS: R1.300

UN552: R1.300

UN552V: R1.300

UX552S: R1.300

UX552: R1.300

V864Q: R2.000

C861Q: R2.000

P754Q: R2.000

V754Q: R2.000

C751Q: R2.000

V984Q: R2.000

C981Q: R2.000

P654Q: R2.000

V654Q: R2.000

C651Q: R2.000

V554Q: R2.000

P404: R3.201

P484: R3.201

P554: R3.201

V404: R3.201

V484: R3.201

V554: R3.201

V404-T: R3.201

V484-T: R3.201

V554-T: R3.201

C501: R2.000

C551: R2.000

C431: R2.000

External links

https://www.sharp-nec-displays.com/global/support/info/A5-1_vulnerability.html
https://jvn.jp/en/jp/JVN42866574/index.html
https://www.sharp-nec-displays.com/dl/en/dp_soft/pd_fm_update/index.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


