9.1

CVE-2024-33897

Exploit
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hms-networksEwon Cosy+ Firmware Version >= 21.0s0 < 21.2s10
   Hms-networksEwon Cosy+ 4g Apac Version-
   Hms-networksEwon Cosy+ 4g Eu Version-
   Hms-networksEwon Cosy+ 4g Jp Version-
   Hms-networksEwon Cosy+ 4g Na Version-
   Hms-networksEwon Cosy+ Ethernet Version-
   Hms-networksEwon Cosy+ Wifi Version-
Hms-networksEwon Cosy+ Firmware Version >= 22.0s0 < 22.1s3
   Hms-networksEwon Cosy+ 4g Apac Version-
   Hms-networksEwon Cosy+ 4g Eu Version-
   Hms-networksEwon Cosy+ 4g Jp Version-
   Hms-networksEwon Cosy+ 4g Na Version-
   Hms-networksEwon Cosy+ Ethernet Version-
   Hms-networksEwon Cosy+ Wifi Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.66% 0.467
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.1 3.9 5.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 3.9 5.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CWE-425 Direct Request ('Forced Browsing')

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/
Third Party Advisory
Exploit
https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf
Vendor Advisory
https://www.ewon.biz/products/cosy/ewon-cosy-wifi
Product
https://www.hms-networks.com/cyber-security
Not Applicable
http://seclists.org/fulldisclosure/2024/Aug/24
http://seclists.org/fulldisclosure/2024/Aug/27