MidnightBSD

Advisories for ormazabal

CVE-2022-47553

Incorrect authorisation in ekorCCP and ekorRCI, which could allow a remote attacker to obtain resources with sensitive information for the organisation, without being authenticated within the web server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-coordination@incibe.es 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N 3.9 4.0
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
ormazabal ekorrci_firmware 601j
ormazabal ekorccp_firmware 601j
CVE-2022-47554

Exposure of sensitive information in ekorCCP and ekorRCI, potentially allowing a remote attacker to obtain critical information from various .xml files, including .xml files containing credentials, without being authenticated within the web server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-coordination@incibe.es 8.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N 3.9 4.2
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
ormazabal ekorrci_firmware 601j
ormazabal ekorccp_firmware 601j
CVE-2022-47555

Operating system command injection in ekorCCP and ekorRCI, which could allow an authenticated attacker to execute commands, create new users with elevated privileges or set up a backdoor.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
cve-coordination@incibe.es 9.3 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N 3.9 4.7

Products Affected

Vendor Product Version
ormazabal ekorrci_firmware 601j
ormazabal ekorccp_firmware 601j
CVE-2022-47556

Uncontrolled resource consumption in ekorRCI, allowing an attacker with low-privileged access to the web server to send continuous legitimate web requests to a functionality that is not properly validated, in order to cause a denial of service (DoS) on the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6
cve-coordination@incibe.es 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
ormazabal ekorrci_firmware 601j
ormazabal ekorccp_firmware 601j
CVE-2022-47557

Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to perform malicious actions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-coordination@incibe.es 6.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N 1.8 4.2
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N 1.8 4.2

Products Affected

Vendor Product Version
ormazabal ekorrci_firmware 601j
ormazabal ekorccp_firmware 601j
CVE-2022-47558

Devices ekorCCP and ekorRCI are vulnerable due to access to the FTP service using default credentials. Exploitation of this vulnerability can allow an attacker to modify critical files that could allow the creation of new users, delete or modify existing users, modify configuration files, install rootkits or backdoors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-coordination@incibe.es 9.4 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L 3.9 5.5
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
ormazabal ekorrci_firmware 601j
ormazabal ekorccp_firmware 601j
CVE-2022-47559

Lack of device control over web requests in ekorCCP and ekorRCI, allowing an attacker to create customised requests to execute malicious actions when a user is logged in, affecting availability, privacy and integrity.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
cve-coordination@incibe.es 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 3.9 4.7

Products Affected

Vendor Product Version
ormazabal ekorrci_firmware 601j
ormazabal ekorccp_firmware 601j
CVE-2022-47560

The lack of web request control on ekorCCP and ekorRCI devices allows a potential attacker to create custom requests to execute malicious actions when a user is logged in.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-coordination@incibe.es 5.7 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.1 3.6
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
ormazabal ekorrci_firmware 601j
ormazabal ekorccp_firmware 601j
CVE-2022-47561

The web application stores credentials in clear text in the "admin.xml" file, which can be accessed without logging into the website, which could allow an attacker to obtain credentials related to all users, including admin users, in clear text, and use them to subsequently execute malicious actions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
cve-coordination@incibe.es 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 2.5 4.7

Products Affected

Vendor Product Version
ormazabal ekorrci_firmware 601j
ormazabal ekorccp_firmware 601j
CVE-2022-47562

Vulnerability in the RCPbind service running on UDP port (111), allowing a remote attacker to create a denial of service (DoS) condition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-coordination@incibe.es 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
ormazabal ekorrci_firmware 601j
ormazabal ekorccp_firmware 601j