Multiple vulnerabilities in MachineSense FeverWarn
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2023-6221 CVE-2023-46706 CVE-2023-49617 CVE-2023-49115 CVE-2023-47867 CVE-2023-49610 |
| CWE-ID | CWE-306 CWE-798 CWE-284 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
FeverWarn ESP32 Hardware solutions / Medical equipment FeverWarn RaspberryPi Hardware solutions / Medical equipment FeverWarn DataHub RaspberryPi Hardware solutions / Medical equipment |
| Vendor | MachineSense |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Missing Authentication for Critical Function
EUVDB-ID: #VU85822
Risk: Medium
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-6221
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the cloud provider is insufficiently protected against unauthorized access. A remote user can view source code, secret credentials and more.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFeverWarn ESP32: All versions
FeverWarn RaspberryPi: All versions
FeverWarn DataHub RaspberryPi: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-025-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use of hard-coded credentials
EUVDB-ID: #VU85823
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-46706
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to multiple affected devices have credentials unable to be changed by the user or administrator. A remote unauthenticated attacker can access the affected system using the hard-coded credentials.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFeverWarn ESP32: All versions
FeverWarn RaspberryPi: All versions
FeverWarn DataHub RaspberryPi: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-025-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Missing Authentication for Critical Function
EUVDB-ID: #VU85824
Risk: High
CVSSv3.1: 9.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-49617
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the application programmable interface (API) is improperly protected and can be accessed without authentication. A remote attacker can retrieve and modify sensitive information without any authentication.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFeverWarn ESP32: All versions
FeverWarn RaspberryPi: All versions
FeverWarn DataHub RaspberryPi: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-025-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Missing Authentication for Critical Function
EUVDB-ID: #VU85825
Risk: Medium
CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-49115
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the affected devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users. A remote attacker can gain access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFeverWarn ESP32: All versions
FeverWarn RaspberryPi: All versions
FeverWarn DataHub RaspberryPi: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-025-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper access control
EUVDB-ID: #VU85830
Risk: Medium
CVSSv3.1: 8.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-47867
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote attacker on the local network can connect to the device's web services and compromise the device.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFeverWarn ESP32: All versions
FeverWarn RaspberryPi: All versions
FeverWarn DataHub RaspberryPi: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-025-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU85834
Risk: Medium
CVSSv3.1: 7.4 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-49610
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker on the local network can send a specially crafted message running commands or overflow the stack.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFeverWarn ESP32: All versions
FeverWarn RaspberryPi: All versions
FeverWarn DataHub RaspberryPi: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-025-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
