SB2022062712 - Multiple vulnerabilities in Secheron SEPCOS Single Package
Published: June 27, 2022
Description
This security bulletin contains information about 7 security vulnerabilities.
1) Improper Enforcement of Behavioral Workflow (CVE-ID: CVE-2022-2105)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to improper enforcement of behavioral workflow. A remote attacker can bypass client-side JavaScript controls to change user credentials and permissions without authentication.
2) Improper Enforcement of Behavioral Workflow (CVE-ID: CVE-2022-1667)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to improper enforcement of behavioral workflow. A remote attacker can bypass client-side JavaScript controls by directly running a JS function to reboot the PLC or by loading the corresponding browser-accessible PHP script.
3) Improper Enforcement of Behavioral Workflow (CVE-ID: CVE-2022-2102)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists because controls limiting uploads to certain file extensions may be bypassed. A remote attacker can intercept the initial file upload page response and modify the associated code, leading to arbitrary file upload.
4) Weak password requirements (CVE-ID: CVE-2022-1668)
The vulnerability allows an attacker to perform a brute-force attack and guess the password.
The vulnerability exists due to weak password requirements. An attacker can obtain OS superuser privileges over the open TCP port for SSH.
5) Improper access control (CVE-ID: CVE-2022-2103)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote attacker can read sensitive files and write to remotely executable directories.
6) Improper Privilege Management (CVE-ID: CVE-2022-2104)
The vulnerability allows a remote attacker to escalate privileges.
The vulnerability exists because the www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash). A remote user can escalate privileges.
7) Insufficiently protected credentials (CVE-ID: CVE-2022-1666)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists because the default password for the web application’s root user is weak. A remote user can gain access to sensitive information on the system.
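The condition in item 6 can be checked for on any Linux host with a short sudoers audit. The script below is an added example, not vendor or bulletin code: it flags password-less sudo rules that let the web server account run a shell or `ALL`. The sample sudoers text, the `SHELLS` list and the function names are assumptions made for illustration, and the parser handles only direct user rules (no aliases, groups or include files).

```python
import re

# Commands that give the caller a root shell when run through sudo (assumed list).
SHELLS = {"/bin/sh", "/bin/bash", "/bin/dash", "/usr/bin/sh", "/usr/bin/bash"}

# Constructed sudoers sample (not taken from a SEPCOS device).
SAMPLE_SUDOERS = """\
# constructed example
Defaults env_reset
root      ALL=(ALL:ALL) ALL
www-data  ALL=(ALL) NOPASSWD: /bin/sh, /bin/bash, \\
          /sbin/reboot, PASSWD: /usr/bin/passwd
operator  ALL=(root) NOPASSWD: /sbin/reboot
"""

def logical_lines(text):
    """Yield (first_line_no, line), joining backslash continuations and skipping comments."""
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        if not buf:
            start = no
        buf += raw.rstrip()
        if buf.endswith("\\"):
            buf = buf[:-1] + " "
            continue
        if buf.strip() and not buf.lstrip().startswith("#"):
            yield start, buf.strip()
        buf = ""

def audit_sudoers(text, user="www-data"):
    """Return [(line_no, command)] for shells or ALL that `user` may run with NOPASSWD."""
    findings = []
    for no, line in logical_lines(text):
        who, _, spec = line.partition("=")
        fields = who.split()
        if not spec or not fields or fields[0] != user:
            continue
        spec = re.sub(r"\([^)]*\)", "", spec)      # drop the (runas) part
        nopasswd = False                            # tags carry over to later commands
        for item in spec.split(","):
            item = item.strip()
            while (m := re.match(r"([A-Z_]+):\s*", item)):
                if m.group(1) in ("NOPASSWD", "PASSWD"):
                    nopasswd = m.group(1) == "NOPASSWD"
                item = item[m.end():]
            cmd = item.split()[0] if item else ""
            if nopasswd and (cmd == "ALL" or cmd in SHELLS):
                findings.append((no, cmd))
    return findings

if __name__ == "__main__":
    for no, cmd in audit_sudoers(SAMPLE_SUDOERS):
        print(f"line {no}: www-data may run {cmd} via sudo without a password")
```

On a live host, `sudo -l -U www-data` reports the effective rules after aliases and include files are resolved.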
Remediation
Install the update from the vendor's website.