#VU27948 Improper access control in Emerson products - CVE-2020-12030


Vulnerability identifier: #VU27948

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-12030

CWE-ID: CWE-284

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Wireless 1410 Gateway (Hardware solutions / Other hardware appliances)
Wireless 1420 Gateway (Hardware solutions / Other hardware appliances)
Wireless 1552WU Gateway (Hardware solutions / Other hardware appliances)

Vendor: Emerson

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to a flaw in the code that configures the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall is disabled, which exposes all ports used by the gateway. A remote attacker can issue specific commands to the gateway, which could then be forwarded on to the end user's wireless devices.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Wireless 1410 Gateway: 4.6.43 - 4.7.84

Wireless 1420 Gateway: 4.6.43 - 4.7.84

Wireless 1552WU Gateway: 4.6.43 - 4.7.84


External links
https://ics-cert.us-cert.gov/advisories/icsa-20-135-02


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

