CVE-2024-33897
Vulnerability from cvelistv5
Published
2024-08-06 00:00
Modified
2024-08-22 23:03
Severity
Summary
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:hms-networks:ewon_cosy_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ewon_cosy_firmware",
"vendor": "hms-networks",
"versions": [
{
"lessThan": "21.2s10",
"status": "affected",
"version": "21.0",
"versionType": "custom"
},
{
"lessThan": "22.1s3",
"status": "affected",
"version": "22.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-33897",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T19:09:32.260175Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-425",
"description": "CWE-425 Direct Request (\u0027Forced Browsing\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T13:48:18.202Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-22T23:03:06.344Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Aug/24"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Aug/27"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T15:29:37.232342",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.ewon.biz/products/cosy/ewon-cosy-wifi"
},
{
"url": "https://www.hms-networks.com/cyber-security"
},
{
"url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf"
},
{
"url": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-33897",
"datePublished": "2024-08-06T00:00:00",
"dateReserved": "2024-04-28T00:00:00",
"dateUpdated": "2024-08-22T23:03:06.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-33897\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-08-06T14:16:03.870\",\"lastModified\":\"2024-08-12T16:15:15.177\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024.\"},{\"lang\":\"es\",\"value\":\"Un dispositivo HMS Networks Cosy+ comprometido podr\u00eda usarse para solicitar una solicitud de firma de certificado de Talk2m para otro dispositivo, lo que generar\u00eda un problema de disponibilidad. El problema se solucion\u00f3 en el servidor de producci\u00f3n de Talk2m el 18 de abril de 2024.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-425\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-425\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hms-networks:ewon_cosy\\\\+_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"21.0s0\",\"versionEndExcluding\":\"21.2s10\",\"matchCriteriaId\":\"04E2B00A-5F5D-455D-84DA-4ABFA82A1863\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hms-networks:ewon_cosy\\\\+_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"22.0s0\",\"versionEndExcluding\":\"22.1s3\",\"matchCriteriaId\":\"1873C613-5DB5-4BFB-A538-860E1BF6555B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hms-networks:ewon_cosy\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32438363-2228-41D7-915C-E54343F71E84\"}]}]}],\"references\":[{\"url\":\"https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.ewon.biz/products/cosy/ewon-cosy-wifi\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://www.hms-networks.com/cyber-security\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading...