Japan Vulnerability NotesJVN:83440451JVN#83440451: Multiple Safie products vulnerable to improper server certificate verification
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
22.3%
Multiple Safie products are vulnerable to improper server certificate verification (CWE-295).
The product can be operated via port 11029/TCP and Bluetooth, and its communications are AES encrypted. The product user can obtain the encryption key from the cloud server based on the device-specific information. The user who has obtained the device-specific information can directly operate the device (even if it is not owned by the user).
Impact
A man-in-the-middle attack may allow an attacker to obtain and/or alter communications of the affected product, resulting in arbitrary OS command execution.
Solution
Update the Software
Update the software to the latest version according to the information provided by the developer.
In addition to the update for the affected products, a security measure is deployed on the cloud server side on July 24, 2024.
Products Affected
- QBiC CLOUD CC-2L v1.1.30 and earlier
- Safie One v1.8.2 and earlier
Related
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
22.3%