CVE-2021-41299 - OpenCVE

ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image, thus remote attackers can obtain administrator’s privilege without logging in.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Ecoa	Ecs Router Controller-ecs Firmware Riskbuster Firmware Riskterminator Riskbuster Ecs Router Controller-ecs

Configuration 1 [-]

AND

cpe:2.3:o:ecoa:ecs_router_controller-ecs_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ecoa:ecs_router_controller-ecs:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:ecoa:riskbuster_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ecoa:riskbuster:-:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:a:ecoa:riskterminator:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.twcert.org.tw/tw/cp-132-5135-a9f5c-1.html	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: twcert

Published: 2021-09-30T00:00:00

Updated: 2021-09-30T10:41:03

Reserved: 2021-09-15T00:00:00

Link: CVE-2021-41299

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-09-30T11:15:07.867

Modified: 2021-10-07T14:49:39.267

Link: CVE-2021-41299

JSON object: View

Redhat Information

No data.

CWE

CWE-798

{"containers": {"cna": {"affected": [{"product": "ECS Router Controller ECS (FLASH)", "vendor": "ECOA", "versions": [{"lessThan": "unspecified", "status": "unknown", "version": "next of 0", "versionType": "custom"}]}, {"product": "RiskBuster Terminator E6L45", "vendor": "ECOA", "versions": [{"lessThan": "unspecified", "status": "unknown", "version": "next of 0", "versionType": "custom"}]}, {"product": "RiskBuster System RB 3.0.0", "vendor": "ECOA", "versions": [{"lessThan": "unspecified", "status": "unknown", "version": "next of 0", "versionType": "custom"}]}, {"product": "RiskBuster System TRANE 1.0", "vendor": "ECOA", "versions": [{"lessThan": "unspecified", "status": "unknown", "version": "next of 0", "versionType": "custom"}]}, {"product": "Graphic Control Software", "vendor": "ECOA", "versions": [{"lessThan": "unspecified", "status": "unknown", "version": "next of 0", "versionType": "custom"}]}, {"product": "SmartHome II E9246", "vendor": "ECOA", "versions": [{"lessThan": "unspecified", "status": "unknown", "version": "next of 0", "versionType": "custom"}]}, {"product": "RiskTerminator", "vendor": "ECOA", "versions": [{"lessThan": "unspecified", "status": "unknown", "version": "next of 0", "versionType": "custom"}]}], "datePublic": "2021-09-30T00:00:00", "descriptions": [{"lang": "en", "value": "ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image, thus remote attackers can obtain administrator\u2019s privilege without logging in."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-30T10:41:03", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.twcert.org.tw/tw/cp-132-5135-a9f5c-1.html"}], "solutions": [{"lang": "en", "value": "Contact tech support from ECOA."}], "source": {"advisory": "TVN-202109015", "discovery": "EXTERNAL"}, "title": "ECOA BAS controller - Use of Hard-coded Credentials", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "TWCERT/CC", "ASSIGNER": "cve@cert.org.tw", "DATE_PUBLIC": "2021-09-30T10:13:00.000Z", "ID": "CVE-2021-41299", "STATE": "PUBLIC", "TITLE": "ECOA BAS controller - Use of Hard-coded Credentials"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ECS Router Controller ECS (FLASH)", "version": {"version_data": [{"version_affected": "?>", "version_value": "0"}]}}, {"product_name": "RiskBuster Terminator E6L45", "version": {"version_data": [{"version_affected": "?>", "version_value": "0"}]}}, {"product_name": "RiskBuster System RB 3.0.0", "version": {"version_data": [{"version_affected": "?>", "version_value": "0"}]}}, {"product_name": "RiskBuster System TRANE 1.0", "version": {"version_data": [{"version_affected": "?>", "version_value": "0"}]}}, {"product_name": "Graphic Control Software", "version": {"version_data": [{"version_affected": "?>", "version_value": "0"}]}}, {"product_name": "SmartHome II E9246", "version": {"version_data": [{"version_affected": "?>", "version_value": "0"}]}}, {"product_name": "RiskTerminator", "version": {"version_data": [{"version_affected": "?>", "version_value": "0"}]}}]}, "vendor_name": "ECOA"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image, thus remote attackers can obtain administrator\u2019s privilege without logging in."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-798 Use of Hard-coded Credentials"}]}]}, "references": {"reference_data": [{"name": "https://www.twcert.org.tw/tw/cp-132-5135-a9f5c-1.html", "refsource": "MISC", "url": "https://www.twcert.org.tw/tw/cp-132-5135-a9f5c-1.html"}]}, "solution": [{"lang": "en", "value": "Contact tech support from ECOA."}], "source": {"advisory": "TVN-202109015", "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2021-41299", "datePublished": "2021-09-30T00:00:00", "dateReserved": "2021-09-15T00:00:00", "dateUpdated": "2021-09-30T10:41:03", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ecoa:ecs_router_controller-ecs_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E80292D1-E3AD-42B6-A63E-3546010B97A3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ecoa:ecs_router_controller-ecs:-:*:*:*:*:*:*:*", "matchCriteriaId": "541B6C82-F00E-4BFC-9947-A55B2F4EDD06", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ecoa:riskbuster_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "19A28430-AB2B-423F-82D4-FC0E3A6DF335", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ecoa:riskbuster:-:*:*:*:*:*:*:*", "matchCriteriaId": "58A6F2A4-A7DA-4A88-B572-917FFC80ADC1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ecoa:riskterminator:-:*:*:*:*:*:*:*", "matchCriteriaId": "841DF575-8E63-4AB4-A6F9-77C28FC65BCE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image, thus remote attackers can obtain administrator\u2019s privilege without logging in."}, {"lang": "es", "value": "El controlador ECOA BAS es vulnerable a unas credenciales embebidas en su imagen de distribuci\u00f3n de Linux, por lo que los atacantes remotos pueden alcanzar privilegios de administrador sin iniciar sesi\u00f3n"}], "id": "CVE-2021-41299", "lastModified": "2021-10-07T14:49:39.267", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Primary"}]}, "published": "2021-09-30T11:15:07.867", "references": [{"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-5135-a9f5c-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "twcert@cert.org.tw", "type": "Primary"}]}