CVE-2024-36445

Missing Authentication for Critical Function (CWE-306)

Published: Aug 22, 2024 / Updated: 2mo ago

CVSS 9.8 | EPSS 0.04% | Critical

Summary

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication. This vulnerability is categorized as a Missing Authentication for Critical Function (CWE-306).

Impact

This vulnerability has a severe impact. An attacker can gain unauthorized root access to the affected devices remotely, potentially leading to complete system compromise. With root access, the attacker could have full control over the device, including the ability to view, modify, or delete sensitive data, install malicious software, or use the device as a pivot point for further network attacks. The confidentiality, integrity, and availability of the system are all highly impacted.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

As of the current information provided, there is no mention of an available patch for this vulnerability.

Mitigation

Until a patch is available, consider the following mitigation strategies:

1. Disable TELNET access on affected Swissphone DiCal-RED 4009 devices if possible.
2. If TELNET must be used, implement strong network segmentation to restrict access to these devices from untrusted networks.
3. Use a firewall to block incoming TELNET connections from untrusted sources.
4. Monitor for any suspicious TELNET connection attempts or unusual activities on these devices.
5. If feasible, consider replacing these devices with more secure alternatives that do not have this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-36445.

Aug 22, 2024 at 3:21 PM / National Vulnerability Database
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Aug 22, 2024 at 3:38 PM
Threat Intelligence Report

The vulnerability CVE-2024-36445 in Swissphone DiCal-RED 4009 devices has a critical CVSS score of 9.4, allowing remote attackers to gain root shell access via TELNET without authentication. This vulnerability poses a significant risk if exploited in the wild, and there are currently no known mitigations, detections, or patches available. Downstream impacts may affect other third-party vendors or technologies that rely on Swissphone DiCal-RED 4009 devices.

Aug 30, 2024 at 1:32 AM

Attack Patterns

CAPEC-12: Choosing Message Identifier

References

@RISK: The Consensus Security Vulnerability Alert: Vol. 24, Num. 34 - SANS Institute
Product: GiveWP Active Installations: 100,000+ CVSS Score: 9.8 NVD: NVD References: NVD References: - - CVE-2024-7946 - Itsourcecode Online Blood Bank Management System 1.0 is vulnerable to a critical sql injection in the User Signup component's register.php file, allowing for remote attacks. Product: Adonesevangelista Online Blood Bank Management System CVSS Score: 9.8 NVD: NVD References: - - - - CVE-2024-7947 - SourceCodester Point of Sales and Inventory Management System 1.0 is vulnerable to sql injection in the file login.php through manipulation of the email argument, allowing for remote attacks due to a critical vulnerability that has been publicly disclosed.

News

Update Thu Oct 3 22:28:08 UTC 2024
US-CERT Vulnerability Summary for the Week of August 19, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High : vulnerabilities with a CVSS base score of 7.0–10.0 Medium : vulnerabilities with a CVSS base score of 4.0–6.9 Low : vulnerabilities with a CVSS base score of 0.0–3.9 Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links.
Multiple vulnerabilities in Swissphone DiCal-RED 4009
DiCal-RED 4009 Missing Authentication
Authored by Sebastian Hamann (syss.de). DiCal-RED version 4009 provides a Telnet service on TCP port 23. This service grants access to an interactive shell as the system’s root user and does not require authentication. Advisory ID: SYSS-2024-035. Product: DiCal-RED. Manufacturer: Swissphone Wireless AG. Affected Version(s): Unknown. Tested Version(s):

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
