Lucene search

HistoryMay 06, 2024 - 12:00 a.m.

Zebra Industrial Printers Insufficiently Protected Credentials (CVE-2019-10960)

2024-05-0600:00:00

www.tenable.com

zebra industrial printers

insufficiently protected credentials

cve-2019-10960

passcode vulnerability

physical access threat

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.0%

JSON

Zebra Industrial Printers All Versions, Zebra printers are shipped with unrestricted end-user access to front panel options. If the option to use a passcode to limit the functionality of the front panel is applied, specially crafted packets could be sent over the same network to a port on the printer and the printer will respond with an array of information that includes the front panel passcode for the printer. Once the passcode is retrieved, an attacker must have physical access to the front panel of the printer to enter the passcode to access the full functionality of the front panel.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(502254);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/07");

  script_cve_id("CVE-2019-10960");

  script_name(english:"Zebra Industrial Printers Insufficiently Protected Credentials (CVE-2019-10960)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Zebra Industrial Printers All Versions, Zebra printers are shipped
with unrestricted end-user access to front panel options. If the
option to use a passcode to limit the functionality of the front panel
is applied, specially crafted packets could be sent over the same
network to a port on the printer and the printer will respond with an
array of information that includes the front panel passcode for the
printer. Once the passcode is retrieved, an attacker must have
physical access to the front panel of the printer to enter the
passcode to access the full functionality of the front panel.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://www.us-cert.gov/ics/advisories/icsa-19-232-01");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Zebra has released a new version of the software that can be obtained at: https://www.zebra.com/linkos

Zebra recommends its printers should not be configured to be fully accessible via the Internet. Zebra further recommends
that if a Zebra printer needs to be accessed from outside an organizationâs secure network architecture, users use
Weblink Technology (or similar tools) that provide a secure, encrypted connection to the userâs printer.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-10960");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(522);

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/08/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/05/06");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zebra:220xi4_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zebra:zt220_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zebra:zt230_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zebra:zt410_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zebra:zt420_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zebra:zt510_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zebra:zt610_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zebra:zt620_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Zebra");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Zebra');

var asset = tenable_ot::assets::get(vendor:'Zebra');

var vuln_cpes = {
    "cpe:/o:zebra:zt610_firmware" :
        {"family" : "Zebra"},
    "cpe:/o:zebra:zt620_firmware" :
        {"family" : "Zebra"},
    "cpe:/o:zebra:zt510_firmware" :
        {"family" : "Zebra"},
    "cpe:/o:zebra:zt410_firmware" :
        {"family" : "Zebra"},
    "cpe:/o:zebra:zt420_firmware" :
        {"family" : "Zebra"},
    "cpe:/o:zebra:zt220_firmware" :
        {"family" : "Zebra"},
    "cpe:/o:zebra:zt230_firmware" :
        {"family" : "Zebra"},
    "cpe:/o:zebra:220xi4_firmware" :
        {"family" : "Zebra"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);

VendorProductVersionCPE
zebra220xi4_firmwarecpe:/o:zebra:220xi4_firmware
zebrazt220_firmwarecpe:/o:zebra:zt220_firmware
zebrazt230_firmwarecpe:/o:zebra:zt230_firmware
zebrazt410_firmwarecpe:/o:zebra:zt410_firmware
zebrazt420_firmwarecpe:/o:zebra:zt420_firmware
zebrazt510_firmwarecpe:/o:zebra:zt510_firmware
zebrazt610_firmwarecpe:/o:zebra:zt610_firmware
zebrazt620_firmwarecpe:/o:zebra:zt620_firmware

Vendor	Product	CPE
zebra	220xi4_firmware	cpe:/o:zebra:220xi4_firmware
zebra	zt220_firmware	cpe:/o:zebra:zt220_firmware
zebra	zt230_firmware	cpe:/o:zebra:zt230_firmware
zebra	zt410_firmware	cpe:/o:zebra:zt410_firmware
zebra	zt420_firmware	cpe:/o:zebra:zt420_firmware
zebra	zt510_firmware	cpe:/o:zebra:zt510_firmware
zebra	zt610_firmware	cpe:/o:zebra:zt610_firmware
zebra	zt620_firmware	cpe:/o:zebra:zt620_firmware

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10960

www.us-cert.gov/ics/advisories/icsa-19-232-01

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.0%

JSON

Related for TENABLE_OT_ZEBRA_CVE-2019-10960.NASL