CVE-2021-37911 - OpenCVE

The management interface of BenQ smart wireless conference projector does not properly control user's privilege. Attackers can access any system directory of this device through the interface and execute arbitrary commands if he enters the local subnetwork.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:A/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Benq	Eh600 Firmware Eh600

Configuration 1 [-]

AND

cpe:2.3:o:benq:eh600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:benq:eh600:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.twcert.org.tw/tw/cp-132-5047-7ef35-1.html	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: twcert

Published: 2021-08-30T00:00:00

Updated: 2021-08-30T14:35:11

Reserved: 2021-08-02T00:00:00

Link: CVE-2021-37911

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-08-30T15:15:07.917

Modified: 2021-09-10T15:31:18.523

Link: CVE-2021-37911

JSON object: View

Redhat Information

No data.

CWE

CWE-269

{"containers": {"cna": {"affected": [{"platforms": ["AOSP 6.0"], "product": "EH600 OTA", "vendor": "BenQ", "versions": [{"lessThanOrEqual": "v01.00.30.00", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "BenQ"}], "datePublic": "2021-08-30T00:00:00", "descriptions": [{"lang": "en", "value": "The management interface of BenQ smart wireless conference projector does not properly control user's privilege. Attackers can access any system directory of this device through the interface and execute arbitrary commands if he enters the local subnetwork."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-30T14:35:11", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.twcert.org.tw/tw/cp-132-5047-7ef35-1.html"}], "solutions": [{"lang": "en", "value": "Update EH600 OTA to v01.00.30.00 (AOSP 6.0)"}], "source": {"advisory": "TVN-202108008", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "TWCERT/CC", "ASSIGNER": "cve@cert.org.tw", "DATE_PUBLIC": "2021-08-30T14:21:00.000Z", "ID": "CVE-2021-37911", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "EH600 OTA", "version": {"version_data": [{"platform": "AOSP 6.0", "version_affected": "<=", "version_value": "v01.00.30.00"}]}}]}, "vendor_name": "BenQ"}]}}, "credit": [{"lang": "eng", "value": "BenQ"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The management interface of BenQ smart wireless conference projector does not properly control user's privilege. Attackers can access any system directory of this device through the interface and execute arbitrary commands if he enters the local subnetwork."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-269 Improper Privilege Management"}]}]}, "references": {"reference_data": [{"name": "https://www.twcert.org.tw/tw/cp-132-5047-7ef35-1.html", "refsource": "MISC", "url": "https://www.twcert.org.tw/tw/cp-132-5047-7ef35-1.html"}]}, "solution": [{"lang": "en", "value": "Update EH600 OTA to v01.00.30.00 (AOSP 6.0)"}], "source": {"advisory": "TVN-202108008", "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2021-37911", "datePublished": "2021-08-30T00:00:00", "dateReserved": "2021-08-02T00:00:00", "dateUpdated": "2021-08-30T14:35:11", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:benq:eh600_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C440F517-78CD-4F4D-A08E-F44EC7706503", "versionEndIncluding": "01.00.30.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:benq:eh600:-:*:*:*:*:*:*:*", "matchCriteriaId": "4ABF87E7-270A-445A-8E5B-46944ECC2342", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The management interface of BenQ smart wireless conference projector does not properly control user's privilege. Attackers can access any system directory of this device through the interface and execute arbitrary commands if he enters the local subnetwork."}, {"lang": "es", "value": "La interfaz de administraci\u00f3n del proyector de BenQ smart wireless conference projector, no controla apropiadamente los privilegios del usuario. Unos atacantes pueden acceder a cualquier directorio del sistema de este dispositivo mediante la interfaz y ejecutar comandos arbitrario si entra en la subred local."}], "id": "CVE-2021-37911", "lastModified": "2021-09-10T15:31:18.523", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Primary"}]}, "published": "2021-08-30T15:15:07.917", "references": [{"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-5047-7ef35-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "twcert@cert.org.tw", "type": "Primary"}]}