3.8.3

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

bab-technologie

CWE-863

critical

NVD

Published: 2021-09-09

Updated: 2021-09-20

Summary

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data (e.g. device serial number). Having those info, a possible loginId can be self-calculated in a brute force attack against BMX interface. This is usable and part of an attack chain to gain SSH root access.

Vulnerable Configurations

Part	Description	Count
OS	Bab-Technologie BAB Technologie Eibport Firmware 3.8.2 BAB Technologie Eibport Firmware 3.8.3	2
Hardware	Bab-Technologie BAB Technologie Eibport V3	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://psytester.github.io/CVE-2021-28911