Search criteria
9 vulnerabilities found for da50n_firmware by redlion
FKIE_CVE-2022-1039
Vulnerability from fkie_nvd - Published: 2022-04-20 16:15 - Updated: 2024-11-21 06:39
Severity ?
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redlion | da50n_firmware | * | |
| redlion | da50n | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redlion:da50n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F93A1A27-F8C2-4D80-9C8E-3AEF743178BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:redlion:da50n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B58B0481-AE48-4B7A-B57B-4FA6B573C040",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password."
},
{
"lang": "es",
"value": "La d\u00e9bil contrase\u00f1a de la interfaz de usuario de la web puede ser explotada por medio de HTTP o HTTPS. Una vez obtenido dicho acceso, pueden cambiarse las dem\u00e1s contrase\u00f1as. Puede accederse a la contrase\u00f1a d\u00e9bil de las cuentas de Linux por medio de SSH o Telnet, el primero de los cuales est\u00e1 habilitado por defecto en las interfaces confiables. Mientras que el servicio SSH no admite el inicio de sesi\u00f3n de root, un usuario que inicie sesi\u00f3n usando cualquiera de las otras cuentas de Linux puede elevar el acceso a root usando el comando su si presenta acceso a la contrase\u00f1a asociada"
}
],
"id": "CVE-2022-1039",
"lastModified": "2024-11-21T06:39:54.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-20T16:15:08.360",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-521"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-521"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-27179
Vulnerability from fkie_nvd - Published: 2022-04-20 16:15 - Updated: 2024-11-21 06:55
Severity ?
4.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03 | Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03 | Mitigation, Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redlion | da50n_firmware | - | |
| redlion | da50n | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redlion:da50n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A3812-8347-40A1-8742-1B5BEF12B894",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:redlion:da50n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B58B0481-AE48-4B7A-B57B-4FA6B573C040",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised."
},
{
"lang": "es",
"value": "Un actor malicioso que tenga acceso al archivo de configuraci\u00f3n exportado puede obtener las credenciales almacenadas y, por tanto, obtener acceso al recurso protegido. Si las mismas contrase\u00f1as se utilizaron para otros recursos, otros activos de este tipo pueden verse comprometidos"
}
],
"id": "CVE-2022-27179",
"lastModified": "2024-11-21T06:55:21.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-20T16:15:08.660",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-26516
Vulnerability from fkie_nvd - Published: 2022-04-20 16:15 - Updated: 2024-11-21 06:54
Severity ?
8.4 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03 | Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03 | Mitigation, Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redlion | da50n_firmware | - | |
| redlion | da50n | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redlion:da50n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A3812-8347-40A1-8742-1B5BEF12B894",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:redlion:da50n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B58B0481-AE48-4B7A-B57B-4FA6B573C040",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment."
},
{
"lang": "es",
"value": "Los usuarios autorizados pueden instalar un archivo de paquete modificado maliciosamente cuando actualizan el dispositivo por medio de la interfaz de usuario web. El usuario puede usar inadvertidamente un archivo de paquete obtenido de una fuente no autorizada o un archivo que fue comprometido entre la descarga y el despliegue"
}
],
"id": "CVE-2022-26516",
"lastModified": "2024-11-21T06:54:05.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 6.0,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-20T16:15:08.547",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
}
]
}
CVE-2022-1039 (GCVE-0-2022-1039)
Vulnerability from cvelistv5 – Published: 2022-04-20 15:30 – Updated: 2025-04-16 17:55
VLAI?
Title
ICSA-22-104-03 Red Lion DA50N
Summary
The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password.
Severity ?
9.6 (Critical)
CWE
- CWE-521 - Weak Password Requirements
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:43.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1039",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T17:29:34.249256Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:55:12.150Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DA50N",
"vendor": "Red Lion",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2022-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-521",
"description": "CWE-521 Weak Password Requirements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-20T15:30:34.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"title": "ICSA-22-104-03 Red Lion DA50N",
"workarounds": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-04-14T21:16:00.000Z",
"ID": "CVE-2022-1039",
"STATE": "PUBLIC",
"TITLE": "ICSA-22-104-03 Red Lion DA50N"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DA50N",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "All",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Red Lion"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-521 Weak Password Requirements"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
]
},
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-1039",
"datePublished": "2022-04-20T15:30:34.344Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2025-04-16T17:55:12.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26516 (GCVE-0-2022-26516)
Vulnerability from cvelistv5 – Published: 2022-04-20 15:30 – Updated: 2025-04-16 17:55
VLAI?
Title
ICSA-22-104-03 Red Lion DA50N
Summary
Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.
Severity ?
8.4 (High)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26516",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T17:29:37.598330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:55:19.628Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DA50N",
"vendor": "Red Lion",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2022-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-20T15:30:33.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"title": "ICSA-22-104-03 Red Lion DA50N",
"workarounds": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-04-14T21:16:00.000Z",
"ID": "CVE-2022-26516",
"STATE": "PUBLIC",
"TITLE": "ICSA-22-104-03 Red Lion DA50N"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DA50N",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "All",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Red Lion"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345 Insufficient Verification of Data Authenticity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
]
},
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-26516",
"datePublished": "2022-04-20T15:30:33.553Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2025-04-16T17:55:19.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27179 (GCVE-0-2022-27179)
Vulnerability from cvelistv5 – Published: 2022-04-20 15:30 – Updated: 2025-04-16 16:28
VLAI?
Title
ICSA-22-104-03 Red Lion DA50N
Summary
A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised.
Severity ?
4.6 (Medium)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:25:31.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27179",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:53:32.607224Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:28:30.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DA50N",
"vendor": "Red Lion",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2022-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-20T15:30:32.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"title": "ICSA-22-104-03 Red Lion DA50N",
"workarounds": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-04-14T21:16:00.000Z",
"ID": "CVE-2022-27179",
"STATE": "PUBLIC",
"TITLE": "ICSA-22-104-03 Red Lion DA50N"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DA50N",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "All",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Red Lion"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-522 Insufficiently Protected Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
]
},
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-27179",
"datePublished": "2022-04-20T15:30:32.718Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:28:30.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1039 (GCVE-0-2022-1039)
Vulnerability from nvd – Published: 2022-04-20 15:30 – Updated: 2025-04-16 17:55
VLAI?
Title
ICSA-22-104-03 Red Lion DA50N
Summary
The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password.
Severity ?
9.6 (Critical)
CWE
- CWE-521 - Weak Password Requirements
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:43.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1039",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T17:29:34.249256Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:55:12.150Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DA50N",
"vendor": "Red Lion",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2022-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-521",
"description": "CWE-521 Weak Password Requirements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-20T15:30:34.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"title": "ICSA-22-104-03 Red Lion DA50N",
"workarounds": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-04-14T21:16:00.000Z",
"ID": "CVE-2022-1039",
"STATE": "PUBLIC",
"TITLE": "ICSA-22-104-03 Red Lion DA50N"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DA50N",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "All",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Red Lion"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-521 Weak Password Requirements"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
]
},
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-1039",
"datePublished": "2022-04-20T15:30:34.344Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2025-04-16T17:55:12.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26516 (GCVE-0-2022-26516)
Vulnerability from nvd – Published: 2022-04-20 15:30 – Updated: 2025-04-16 17:55
VLAI?
Title
ICSA-22-104-03 Red Lion DA50N
Summary
Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.
Severity ?
8.4 (High)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26516",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T17:29:37.598330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:55:19.628Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DA50N",
"vendor": "Red Lion",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2022-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-20T15:30:33.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"title": "ICSA-22-104-03 Red Lion DA50N",
"workarounds": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-04-14T21:16:00.000Z",
"ID": "CVE-2022-26516",
"STATE": "PUBLIC",
"TITLE": "ICSA-22-104-03 Red Lion DA50N"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DA50N",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "All",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Red Lion"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345 Insufficient Verification of Data Authenticity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
]
},
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-26516",
"datePublished": "2022-04-20T15:30:33.553Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2025-04-16T17:55:19.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27179 (GCVE-0-2022-27179)
Vulnerability from nvd – Published: 2022-04-20 15:30 – Updated: 2025-04-16 16:28
VLAI?
Title
ICSA-22-104-03 Red Lion DA50N
Summary
A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised.
Severity ?
4.6 (Medium)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:25:31.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27179",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:53:32.607224Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:28:30.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DA50N",
"vendor": "Red Lion",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2022-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-20T15:30:32.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"title": "ICSA-22-104-03 Red Lion DA50N",
"workarounds": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-04-14T21:16:00.000Z",
"ID": "CVE-2022-27179",
"STATE": "PUBLIC",
"TITLE": "ICSA-22-104-03 Red Lion DA50N"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DA50N",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "All",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Red Lion"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-522 Insufficiently Protected Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
]
},
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-27179",
"datePublished": "2022-04-20T15:30:32.718Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:28:30.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}