Information Exposure in INGEPAC DA AU
INGEPAC DA AU AUC_1.13.0.28 and before.
INCIBE has coordinated the publication of a vulnerability in INGEPAC DA AU, with the internal code INCIBE-2021-0429, which has been discovered by the Industrial Cybersecurity team of S21sec, special mention to Jacinto Moral Matellán.
CVE-2017-20007 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.3 has been calculated; the CVSS vector string is AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.
All the firmware versions from AUC_1.14.0.29 fix this issue.
Ingeteam INGEPAC DA AU AUC_1.13.0.28 (and before) web application allows access to a certain path that contains sensitive information that could be used by an attacker to execute more sophisticated attacks.
An unauthenticated remote attacker with access to the device´s web service could exploit this vulnerability in order to obtain different configuration files.
This vulnerability was reported to Ingeteam in 2021. It was partially fixed since version AUC_1.12.0.22 (2019), and fully fixed since version AUC_1.14.0.29.
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor.
TIMELINE:
25/05/2021 - Researchers contact with INCIBE.
15/06/2021 - Ingeteam confirms the vulnerabilities to INCIBE.
20/10/20201 - The advisory is published by INCIBE.
If you have any information regarding this advisory, please contact INCIBE as indicated in the CVE Assignment and publication section.
