
JVN#40604023: Multiple vulnerabilities in Seiko Solutions SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210

2023-03-31 00:00:00
Japan Vulnerability Notes
jvn.jp
seiko solutions skybridge
multiple vulnerabilities
sensitive information exposure
command injection
hardcoded credentials
improper privilege management
missing authentication
improper access control
cleartext storage
cleartext transmission

CVSS2
Base Score: 5
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3
Base Score: 9.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.007
Percentile: 79.9%

SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210 provided by Seiko Solutions Inc. contain multiple vulnerabilities listed below.

Exposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2016-2183

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score: 7.5
CVSS v2 AV:N/AC:L/Au:N/C:C/I:N/A:N Base Score: 7.8

Command injection (CWE-77) - CVE-2022-36556

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score: 8.8
CVSS v2 AV:N/AC:L/Au:S/C:P/I:P/A:P Base Score: 6.5

Unrestricted upload of file with dangerous type (CWE-434) - CVE-2022-36557

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

Use of hard-coded credentials (CWE-798) - CVE-2022-36558

Version Vector Score
CVSS v3 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score: 6.2
CVSS v2 AV:L/AC:L/Au:N/C:P/I:N/A:N Base Score: 2.1

Command injection (CWE-77) - CVE-2022-36559

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
CVSS v2 AV:N/AC:L/Au:N/C:P/I:P/A:P Base Score: 7.5

Use of hard-coded credentials (CWE-798) - CVE-2022-36560

Version Vector Score
CVSS v3 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score: 6.2
CVSS v2 AV:L/AC:L/Au:N/C:P/I:N/A:N Base Score: 2.1

Improper privilege management (CWE-269) - CVE-2023-22361

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

Missing authentication for critical function (CWE-306) - CVE-2023-22441

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Base Score: 8.6
CVSS v2 AV:N/AC:L/Au:N/C:P/I:P/A:C Base Score: 9.0

Improper access control (CWE-284) - CVE-2023-23578

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score: 5.3
CVSS v2 AV:N/AC:L/Au:N/C:P/I:N/A:N Base Score: 5.0

Improper following of a certificate’s chain of trust (CWE-296) - CVE-2023-23901

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Base Score: 4.8
CVSS v2 AV:N/AC:H/Au:N/C:P/I:P/A:N Base Score: 4.0

Missing authentication for critical function (CWE-306) - CVE-2023-23906

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Base Score: 7.5
CVSS v2 AV:N/AC:L/Au:N/C:N/I:N/A:C Base Score: 7.8

Cleartext storage of sensitive information (CWE-312) - CVE-2023-24586

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 3.1
CVSS v2 AV:N/AC:M/Au:S/C:P/I:N/A:N Base Score: 3.5

Cleartext transmission of sensitive information (CWE-319) - CVE-2023-25070

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Base Score: 4.8
CVSS v2 AV:N/AC:H/Au:N/C:P/I:P/A:N Base Score: 4.0

Use of weak credentials (CWE-1391) - CVE-2023-25072

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Base Score: 6.5
CVSS v2 AV:N/AC:L/Au:N/C:P/I:P/A:N Base Score: 6.4

Use of weak credentials (CWE-1391) - CVE-2023-25184

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score: 5.3
CVSS v2 AV:N/AC:L/Au:N/C:P/I:N/A:N Base Score: 5.0

The developer states that attacks exploiting CVE-2022-36556 have been observed.

Impact

  • A remote attacker may decrypt the communication sent to the WebUI of the product - CVE-2016-2183
  • A user may execute an arbitrary OS command with an administrative privilege of the product - CVE-2022-36556
  • A user may update files or execute an arbitrary command with an administrative privilege of the product - CVE-2022-36557
  • A local attacker may access the product with an administrative privilege of the product - CVE-2022-36558, CVE-2022-36560
  • A remote attacker may execute an arbitrary OS command with an administrative privilege of the product - CVE-2022-36559
  • A user may alter a WebUI password of the product - CVE-2023-22361
  • A remote attacker may obtain or alter the setting information of the product or execute some critical functions without authentication, e.g., rebooting the product - CVE-2023-22441
  • A remote attacker may connect to the product’s ADB port - CVE-2023-23578
  • A remote attacker may eavesdrop on or alter the communication sent to the WebUI of the product - CVE-2023-23901
  • A remote attacker may execute some critical functions without authentication, e.g., rebooting the product - CVE-2023-23906
  • A user may obtain an APN credential for the product - CVE-2023-24586
  • If the telnet connection is enabled, a remote attacker may eavesdrop on or alter the administrator’s communication to the product - CVE-2023-25070
  • A remote attacker may decrypt the password for the WebUI of the product - CVE-2023-25072, CVE-2023-25184

Solution

Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
The developer released the following versions which contain a fix for these vulnerabilities.

  • SkyBridge MB-A100/110 Ver. 4.2.2 and later
  • SkyBridge MB-A200 Ver. 01.00.07 and later
  • SkyBridge BASIC MB-A130 Ver. 1.4.3 and later

Apply the workaround
The developer recommends applying a workaround.

For more information, refer to the information provided by the developer.

Products Affected

  • SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier
    CVE-2022-36556, CVE-2022-36557, CVE-2022-36558, CVE-2023-22361, CVE-2023-23906, CVE-2023-24586, CVE-2023-25070, CVE-2023-25072

  • SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier
    CVE-2016-2183, CVE-2022-36559, CVE-2022-36560, CVE-2023-22441, CVE-2023-23578, CVE-2023-23901, CVE-2023-25184

  • SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier
    CVE-2023-22441, CVE-2023-23901, CVE-2023-25184

  • SkySpider MB-R210 firmware Ver. 1.01.00 and earlier
    CVE-2023-25184
