1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: AutomationDirect
- Equipment: C-MORE EA9 HMI
- Vulnerabilities: Path Traversal, Stack-Based Buffer Overflow, Plaintext Storage of a Password
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to exploit a remote device and inject malicious code on the panel.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of C-MORE EA9 HMI, a display system used for interfacing with controllers, are affected:
- C-MORE EA9 HMI EA9-T6CL: Version 6.77 and prior
- C-MORE EA9 HMI EA9-T7CL: Version 6.77 and prior
- C-MORE EA9 HMI EA0-T7CL-R: Version 6.77 and prior
- C-MORE EA9 HMI EA9-T8CL: Version 6.77 and prior
- C-MORE EA9 HMI EA9-T10CL: Version 6.77 and prior
- C-MORE EA9 HMI EA9-T10WCL: Version 6.77 and prior
- C-MORE EA9 HMI EA9-T12CL: Version 6.77 and prior
- C-MORE EA9 HMI EA9-T15CL: Version 6.77 and prior
- C-MORE EA9 HMI EA9-T15CL-R: Version 6.77 and prior
- C-MORE EA9 HMI EA9-RHMI: Version 6.77 and prior
- C-MORE EA9 HMI EA9-PGMSW: Version 6.77 and prior
3.2 Vulnerability Overview
3.2.1 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) CWE-22
There is a function in Automation-Direct C-MORE EA9 HMI that allows an attacker to send a relative path in the URL without proper sanitizing of the content.
CVE-2024-25136 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
This article has been indexed from All CISA Advisories
Read the original article: