CVE-2024-1491 (GCVE-0-2024-1491)

Vulnerability from cvelistv5 – Published: 2024-04-18 22:13 – Updated: 2024-08-01 18:40
VLAI?
Title
Electrolink FM/DAB/TV Transmitter Missing Authentication for Critical Function
Summary
The devices allow access to an unprotected endpoint that allows MPFS file system binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial flash, or internal flash program memory. This file system serves as the basis for the HTTP2 web server module, but is also used by the SNMP module and is available to other applications that require basic read-only storage capabilities. This can be exploited to overwrite the flash program memory that holds the web server's main interfaces and execute arbitrary code.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
8.7 (High)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
CWE
  • CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
Vendor Product Version
Electrolink Compact DAB Transmitter Affected: 10W
Affected: 100W
Affected: 250W
Create a notification for this product.
    Electrolink Medium DAB Transmitter Affected: 500W
Affected: 1kW
Affected: 2kW
Create a notification for this product.
    Electrolink High Power DAB Transmitter Affected: 2.5kW
Affected: 3kW
Affected: 4kW
Affected: 5kW
Create a notification for this product.
    Electrolink Compact FM Transmitter Affected: Compact FM Transmitter
Affected: 500W
Affected: 1kW
Affected: 2kW
Create a notification for this product.
    Electrolink Modular FM Transmitter Affected: 3kW
Affected: 5kW
Affected: 10kW
Affected: 15kW
Affected: 20kW
Affected: 30kW
Create a notification for this product.
    Electrolink Digital FM Transmitter Affected: 15W , ≤ 40kW (custom)
Create a notification for this product.
    Electrolink VHF TV Transmitter Affected: BI
Affected: BIII
Create a notification for this product.
    Electrolink UHF TV Transmitter Affected: 10W , ≤ 5kW (custom)
Create a notification for this product.
Credits
Gjoko Krstic publicly reported these vulnerabilities on the internet after an unsuccessful attempt to contact Electrolink directly.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:0xacab:mat2:0.10.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mat2",
            "vendor": "0xacab",
            "versions": [
              {
                "status": "affected",
                "version": "0.10.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1491",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-23T00:25:00.939738Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T18:01:37.950Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:40:21.285Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Compact DAB Transmitter",
          "vendor": "Electrolink",
          "versions": [
            {
              "status": "affected",
              "version": "10W"
            },
            {
              "status": "affected",
              "version": "100W"
            },
            {
              "status": "affected",
              "version": "250W"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Medium DAB Transmitter",
          "vendor": "Electrolink",
          "versions": [
            {
              "status": "affected",
              "version": "500W"
            },
            {
              "status": "affected",
              "version": "1kW"
            },
            {
              "status": "affected",
              "version": "2kW"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "High Power DAB Transmitter",
          "vendor": "Electrolink",
          "versions": [
            {
              "status": "affected",
              "version": "2.5kW"
            },
            {
              "status": "affected",
              "version": "3kW"
            },
            {
              "status": "affected",
              "version": "4kW"
            },
            {
              "status": "affected",
              "version": "5kW"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Compact FM Transmitter",
          "vendor": "Electrolink",
          "versions": [
            {
              "status": "affected",
              "version": "Compact FM Transmitter"
            },
            {
              "status": "affected",
              "version": "500W"
            },
            {
              "status": "affected",
              "version": "1kW"
            },
            {
              "status": "affected",
              "version": "2kW"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modular FM Transmitter",
          "vendor": "Electrolink",
          "versions": [
            {
              "status": "affected",
              "version": "3kW"
            },
            {
              "status": "affected",
              "version": "5kW"
            },
            {
              "status": "affected",
              "version": "10kW"
            },
            {
              "status": "affected",
              "version": "15kW"
            },
            {
              "status": "affected",
              "version": "20kW"
            },
            {
              "status": "affected",
              "version": "30kW"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Digital FM Transmitter",
          "vendor": "Electrolink",
          "versions": [
            {
              "lessThanOrEqual": "40kW",
              "status": "affected",
              "version": "15W",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VHF TV Transmitter",
          "vendor": "Electrolink",
          "versions": [
            {
              "status": "affected",
              "version": "BI"
            },
            {
              "status": "affected",
              "version": "BIII"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "UHF TV Transmitter",
          "vendor": "Electrolink",
          "versions": [
            {
              "lessThanOrEqual": "5kW",
              "status": "affected",
              "version": "10W",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Gjoko Krstic publicly reported these vulnerabilities on the internet after an unsuccessful attempt to contact Electrolink directly."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The devices allow access to an unprotected endpoint that allows MPFS \nfile system binary image upload without authentication. The MPFS2 file \nsystem module provides a light-weight read-only file system that can be \nstored in external EEPROM, external serial flash, or internal flash \nprogram memory. This file system serves as the basis for the HTTP2 web \nserver module, but is also used by the SNMP module and is available to \nother applications that require basic read-only storage capabilities. \nThis can be exploited to overwrite the flash program memory that holds \nthe web server\u0027s main interfaces and execute arbitrary code."
            }
          ],
          "value": "The devices allow access to an unprotected endpoint that allows MPFS \nfile system binary image upload without authentication. The MPFS2 file \nsystem module provides a light-weight read-only file system that can be \nstored in external EEPROM, external serial flash, or internal flash \nprogram memory. This file system serves as the basis for the HTTP2 web \nserver module, but is also used by the SNMP module and is available to \nother applications that require basic read-only storage capabilities. \nThis can be exploited to overwrite the flash program memory that holds \nthe web server\u0027s main interfaces and execute arbitrary code."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306 Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-28T16:51:09.051Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02"
        }
      ],
      "source": {
        "advisory": "ICSA-24-107-02",
        "discovery": "EXTERNAL"
      },
      "title": "Electrolink FM/DAB/TV Transmitter Missing Authentication for Critical Function",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Electrolink has not responded to requests to work with CISA to mitigate \nthese vulnerabilities. Users of the affected products are encouraged to \ncontact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://electrolink.com/contacts/\"\u003eElectrolink\u003c/a\u003e for additional information.\n\n\u003cbr\u003e"
            }
          ],
          "value": "Electrolink has not responded to requests to work with CISA to mitigate \nthese vulnerabilities. Users of the affected products are encouraged to \ncontact  Electrolink https://electrolink.com/contacts/  for additional information."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2024-1491",
    "datePublished": "2024-04-18T22:13:54.962Z",
    "dateReserved": "2024-02-14T15:46:18.806Z",
    "dateUpdated": "2024-08-01T18:40:21.285Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The devices allow access to an unprotected endpoint that allows MPFS \\nfile system binary image upload without authentication. The MPFS2 file \\nsystem module provides a light-weight read-only file system that can be \\nstored in external EEPROM, external serial flash, or internal flash \\nprogram memory. This file system serves as the basis for the HTTP2 web \\nserver module, but is also used by the SNMP module and is available to \\nother applications that require basic read-only storage capabilities. \\nThis can be exploited to overwrite the flash program memory that holds \\nthe web server\u0027s main interfaces and execute arbitrary code.\"}, {\"lang\": \"es\", \"value\": \"Los dispositivos permiten el acceso a un punto final desprotegido que permite la carga de im\\u00e1genes binarias del sistema de archivos MPFS sin autenticaci\\u00f3n. El m\\u00f3dulo de sistema de archivos MPFS2 proporciona un sistema de archivos liviano de solo lectura que se puede almacenar en una EEPROM externa, una memoria flash serial externa o una memoria flash interna de programa. Este sistema de archivos sirve como base para el m\\u00f3dulo de servidor web HTTP2, pero tambi\\u00e9n lo utiliza el m\\u00f3dulo SNMP y est\\u00e1 disponible para otras aplicaciones que requieren capacidades b\\u00e1sicas de almacenamiento de solo lectura. Esto puede aprovecharse para sobrescribir la memoria flash del programa que contiene las interfaces principales del servidor web y ejecutar c\\u00f3digo arbitrario.\"}]",
      "id": "CVE-2024-1491",
      "lastModified": "2024-11-21T08:50:41.773",
      "metrics": "{\"cvssMetricV40\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\", \"baseScore\": 8.7, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"NONE\", \"vulnerableSystemIntegrity\": \"HIGH\", \"vulnerableSystemAvailability\": \"NONE\", \"subsequentSystemConfidentiality\": \"NONE\", \"subsequentSystemIntegrity\": \"NONE\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NOT_DEFINED\", \"recovery\": \"NOT_DEFINED\", \"valueDensity\": \"NOT_DEFINED\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\"}}], \"cvssMetricV31\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
      "published": "2024-04-18T23:15:06.723",
      "references": "[{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02\", \"source\": \"ics-cert@hq.dhs.gov\"}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-1491\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2024-04-18T23:15:06.723\",\"lastModified\":\"2024-11-21T08:50:41.773\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The devices allow access to an unprotected endpoint that allows MPFS \\nfile system binary image upload without authentication. The MPFS2 file \\nsystem module provides a light-weight read-only file system that can be \\nstored in external EEPROM, external serial flash, or internal flash \\nprogram memory. This file system serves as the basis for the HTTP2 web \\nserver module, but is also used by the SNMP module and is available to \\nother applications that require basic read-only storage capabilities. \\nThis can be exploited to overwrite the flash program memory that holds \\nthe web server\u0027s main interfaces and execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"Los dispositivos permiten el acceso a un punto final desprotegido que permite la carga de im\u00e1genes binarias del sistema de archivos MPFS sin autenticaci\u00f3n. El m\u00f3dulo de sistema de archivos MPFS2 proporciona un sistema de archivos liviano de solo lectura que se puede almacenar en una EEPROM externa, una memoria flash serial externa o una memoria flash interna de programa. Este sistema de archivos sirve como base para el m\u00f3dulo de servidor web HTTP2, pero tambi\u00e9n lo utiliza el m\u00f3dulo SNMP y est\u00e1 disponible para otras aplicaciones que requieren capacidades b\u00e1sicas de almacenamiento de solo lectura. Esto puede aprovecharse para sobrescribir la memoria flash del programa que contiene las interfaces principales del servidor web y ejecutar c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"references\":[{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:40:21.285Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-1491\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-23T00:25:00.939738Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:0xacab:mat2:0.10.0:*:*:*:*:*:*:*\"], \"vendor\": \"0xacab\", \"product\": \"mat2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0.10.0\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-04-23T00:26:22.993Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"Electrolink FM/DAB/TV Transmitter Missing Authentication for Critical Function\", \"source\": {\"advisory\": \"ICSA-24-107-02\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Gjoko Krstic publicly reported these vulnerabilities on the internet after an unsuccessful attempt to contact Electrolink directly.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 8.7, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Electrolink\", \"product\": \"Compact DAB Transmitter\", \"versions\": [{\"status\": \"affected\", \"version\": \"10W\"}, {\"status\": \"affected\", \"version\": \"100W\"}, {\"status\": \"affected\", \"version\": \"250W\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Electrolink\", \"product\": \"Medium DAB Transmitter\", \"versions\": [{\"status\": \"affected\", \"version\": \"500W\"}, {\"status\": \"affected\", \"version\": \"1kW\"}, {\"status\": \"affected\", \"version\": \"2kW\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Electrolink\", \"product\": \"High Power DAB Transmitter\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.5kW\"}, {\"status\": \"affected\", \"version\": \"3kW\"}, {\"status\": \"affected\", \"version\": \"4kW\"}, {\"status\": \"affected\", \"version\": \"5kW\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Electrolink\", \"product\": \"Compact FM Transmitter\", \"versions\": [{\"status\": \"affected\", \"version\": \"Compact FM Transmitter\"}, {\"status\": \"affected\", \"version\": \"500W\"}, {\"status\": \"affected\", \"version\": \"1kW\"}, {\"status\": \"affected\", \"version\": \"2kW\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Electrolink\", \"product\": \"Modular FM Transmitter\", \"versions\": [{\"status\": \"affected\", \"version\": \"3kW\"}, {\"status\": \"affected\", \"version\": \"5kW\"}, {\"status\": \"affected\", \"version\": \"10kW\"}, {\"status\": \"affected\", \"version\": \"15kW\"}, {\"status\": \"affected\", \"version\": \"20kW\"}, {\"status\": \"affected\", \"version\": \"30kW\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Electrolink\", \"product\": \"Digital FM Transmitter\", \"versions\": [{\"status\": \"affected\", \"version\": \"15W\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"40kW\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Electrolink\", \"product\": \"VHF TV Transmitter\", \"versions\": [{\"status\": \"affected\", \"version\": \"BI\"}, {\"status\": \"affected\", \"version\": \"BIII\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Electrolink\", \"product\": \"UHF TV Transmitter\", \"versions\": [{\"status\": \"affected\", \"version\": \"10W\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5kW\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Electrolink has not responded to requests to work with CISA to mitigate \\nthese vulnerabilities. Users of the affected products are encouraged to \\ncontact  Electrolink https://electrolink.com/contacts/  for additional information.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Electrolink has not responded to requests to work with CISA to mitigate \\nthese vulnerabilities. Users of the affected products are encouraged to \\ncontact \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://electrolink.com/contacts/\\\"\u003eElectrolink\u003c/a\u003e for additional information.\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The devices allow access to an unprotected endpoint that allows MPFS \\nfile system binary image upload without authentication. The MPFS2 file \\nsystem module provides a light-weight read-only file system that can be \\nstored in external EEPROM, external serial flash, or internal flash \\nprogram memory. This file system serves as the basis for the HTTP2 web \\nserver module, but is also used by the SNMP module and is available to \\nother applications that require basic read-only storage capabilities. \\nThis can be exploited to overwrite the flash program memory that holds \\nthe web server\u0027s main interfaces and execute arbitrary code.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The devices allow access to an unprotected endpoint that allows MPFS \\nfile system binary image upload without authentication. The MPFS2 file \\nsystem module provides a light-weight read-only file system that can be \\nstored in external EEPROM, external serial flash, or internal flash \\nprogram memory. This file system serves as the basis for the HTTP2 web \\nserver module, but is also used by the SNMP module and is available to \\nother applications that require basic read-only storage capabilities. \\nThis can be exploited to overwrite the flash program memory that holds \\nthe web server\u0027s main interfaces and execute arbitrary code.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-306\", \"description\": \"CWE-306 Missing Authentication for Critical Function\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2024-05-28T16:51:09.051Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-1491\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T18:40:21.285Z\", \"dateReserved\": \"2024-02-14T15:46:18.806Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2024-04-18T22:13:54.962Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.