Multiple Vulnerabilities in Device42 Asset Management Appliance
11 August 2022
Security researchers have discovered multiple vulnerabilities affecting Device42 Asset Management Appliance.
Successful exploitation of the vulnerabilities could allow an attacker to impersonate other users, obtain admin-level access, or gain full access to the appliance's files and database through remote code execution (RCE).
The vulnerabilities are:
CVE-2022-1401 - Allows an unauthenticated attacker to read sensitive server files with root permissions (e.g. the encrypted session of an authenticated user).
CVE-2022-1400 - Allows an attacker to decrypt the session keys of an authenticated user using the Exago encryption key and IV, which are hardcoded in the appliance (WebReportsApi.dll).
CVE-2022-1399 - Allows an attacker to perform remote code execution in the staging instance of the platform.
CVE-2022-1410 - Allows an attacker to perform remote code execution in the appliance manager component.
The vulnerabilities affect product versions prior to 18.01.00.
Administrators and users of affected products are advised to upgrade to the latest versions immediately.
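The practical first step for a defender is to find every Device42 instance still running a version prior to 18.01.00. The following is an added example, not part of this advisory or of Device42's own tooling; it assumes the appliance reports its version as a dotted numeric string in the same form as the version quoted above, and the inventory it runs over is constructed for illustration. It compares versions numerically rather than as strings, because a string comparison would wrongly treat "9.99.00" as newer than "18.01.00".

```python
"""Flag Device42 appliance versions affected by the advisory above.

Added example, not part of the advisory. Assumes Device42 reports versions
as dotted numeric strings such as "17.05.00" or "18.01.00" (format assumed
from the version quoted in the advisory). Hostnames and versions in the
sample inventory are constructed.
"""
from typing import Dict, List, Tuple

FIXED_VERSION = "18.01.00"  # first version not affected, per the advisory


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn "18.01.00" into (18, 1, 0) for numeric comparison.

    Numeric, not lexical: "9.99.00" < "18.01.00" as numbers, but as
    strings "9" sorts after "1", which would hide an affected host.
    """
    cleaned = version.strip().lstrip("vV")
    parts = cleaned.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {version!r}")
    nums = tuple(int(p) for p in parts)
    # Pad to three components so "18.1" compares equal to "18.01.00".
    return nums + (0,) * max(0, 3 - len(nums))


def is_affected(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the appliance runs a version prior to the fixed release."""
    return parse_version(version) < parse_version(fixed)


def triage(inventory: Dict[str, str]) -> Tuple[List[str], List[str]]:
    """Split {host: version} into (hosts needing upgrade, hosts with an
    unparseable version). Unknown versions are reported separately so they
    are never silently treated as patched."""
    affected: List[str] = []
    unknown: List[str] = []
    for host, version in inventory.items():
        try:
            if is_affected(version):
                affected.append(host)
        except ValueError:
            unknown.append(host)
    return sorted(affected), sorted(unknown)


if __name__ == "__main__":
    # Constructed inventory for illustration only.
    sample = {
        "d42-prod.example.internal": "17.05.00",
        "d42-staging.example.internal": "18.01.00",
        "d42-lab.example.internal": "9.99.00",
        "d42-old.example.internal": "unknown",
    }
    need_upgrade, cannot_tell = triage(sample)
    print("upgrade required:", need_upgrade)
    print("version unknown :", cannot_tell)
```

Hosts whose version cannot be parsed are listed separately rather than dropped, since an unreadable version is a reason to go and look, not evidence that the appliance is patched.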
References:
https://www.darkreading.com/vulnerabilities-threats/multiple-vulnerabilities-discovered-in-device42-asset-management-appliance
https://www.bitdefender.com/files/News/CaseStudies/study/422/Bitdefender-PR-Whitepaper-Device42-creat6295-en-EN.pdf