SB2024011228 - Multiple vulnerabilities in Rapid Software Rapid SCADA

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024011228

SB2024011228 - Multiple vulnerabilities in Rapid Software Rapid SCADA

Published: January 12, 2024

Security Bulletin ID SB2024011228
Severity
High
Patch available
NO
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 14% Medium 43% Low 43%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Path traversal (CVE-ID: CVE-2024-21852)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote user can send a specially crafted HTTP request and execute arbitrary code on the target system.


2) Path traversal (CVE-ID: CVE-2024-22096)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote user can send a specially crafted HTTP request and read arbitrary files on the system.


3) Incorrect permission assignment for critical resource (CVE-ID: CVE-2024-22016)

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to improper permissions configuration. A local user can write directly to the Scada directory and gain elevated privileges.


4) Open redirect (CVE-ID: CVE-2024-21794)

The vulnerability allows a remote attacker to redirect victims to arbitrary URL.

The vulnerability exists due to improper sanitization of user-supplied data in the login page. A remote user can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.

Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.


5) Use of hard-coded credentials (CVE-ID: CVE-2024-21764)

The vulnerability allows a remote attacker to gain full access to vulnerable system.

The vulnerability exists due to presence of hard-coded credentials in application code. A remote unauthenticated attacker can access the affected system using the hard-coded credentials.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


6) Unprotected storage of credentials (CVE-ID: CVE-2024-21869)

The vulnerability allows a local attacker to gain access to other users' credentials.

The vulnerability exists due to application stored credentials in plain text in a configuration file on the system. A local attacker can view contents of the configuration file and gain access to passwords for 3rd party integration.


7) Information Exposure Through an Error Message (CVE-ID: CVE-2024-21866)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected product responds back with an error message containing sensitive data if it receives a specific malformed request. A remote attacker can gain unauthorized access to sensitive information on the system.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References