github - ghsa-j6hr-vmm6-m6c2

GHSA-J6HR-VMM6-M6C2

Vulnerability from github – Published: 2022-01-20 00:00 – Updated: 2022-01-29 00:01

Details

Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\'s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-23842"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-19T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\\\u0027s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet.",
  "id": "GHSA-j6hr-vmm6-m6c2",
  "modified": "2022-01-29T00:01:16Z",
  "published": "2022-01-20T00:00:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23842"
    },
    {
      "type": "WEB",
      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2021-23842 (GCVE-0-2021-23842)

Vulnerability from cvelistv5 – Published: 2022-01-19 20:38 – Updated: 2024-09-16 21:56

Summary

Severity ?

5.7 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE

CWE-321 - Use of Hard-coded Cryptographic Key

Assigner

bosch

References

URL

Tags

https://psirt.bosch.com/security-advisories/BOSCH…

x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

Bosch

AMS

Affected: unspecified , < 4.0 (custom)

Bosch	APE	Affected: unspecified , ≤ 3.8.x (custom)
Bosch	BIS	Affected: unspecified , < 4.9.1 (custom)
Bosch	AMC2	Affected: all

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:14:09.336Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AMS",
          "vendor": "Bosch",
          "versions": [
            {
              "lessThan": "4.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "APE",
          "vendor": "Bosch",
          "versions": [
            {
              "lessThanOrEqual": "3.8.x",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "BIS",
          "vendor": "Bosch",
          "versions": [
            {
              "lessThan": "4.9.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "AMC2",
          "vendor": "Bosch",
          "versions": [
            {
              "status": "affected",
              "version": "all"
            }
          ]
        }
      ],
      "datePublic": "2022-01-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\\\u0027s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-19T20:38:54",
        "orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
        "shortName": "bosch"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html"
        }
      ],
      "source": {
        "advisory": "BOSCH-SA-940448-BT",
        "discovery": "EXTERNAL"
      },
      "title": "Use of Hard-coded Cryptographic Key",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@bosch.com",
          "DATE_PUBLIC": "2022-01-19",
          "ID": "CVE-2021-23842",
          "STATE": "PUBLIC",
          "TITLE": "Use of Hard-coded Cryptographic Key"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "AMS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APE",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "3.8.x"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "BIS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.9.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "AMC2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "all"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Bosch"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\\\u0027s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-321 Use of Hard-coded Cryptographic Key"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html",
              "refsource": "CONFIRM",
              "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html"
            }
          ]
        },
        "source": {
          "advisory": "BOSCH-SA-940448-BT",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
    "assignerShortName": "bosch",
    "cveId": "CVE-2021-23842",
    "datePublished": "2022-01-19T20:38:54.368368Z",
    "dateReserved": "2021-01-12T00:00:00",
    "dateUpdated": "2024-09-16T21:56:51.896Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-J6HR-VMM6-M6C2

CVE-2021-23842 (GCVE-0-2021-23842)

Tags

Sightings

Nomenclature