Full Disclosure mailing list archives
From: Jeroen Hermans via Fulldisclosure <fulldisclosure () seclists org>
Date: Mon, 2 Dec 2024 17:30:45 +0100
CloudAware Security Advisory[CVE pending]: Potential PII leak and incorrect access control in Paxton Net2 software
======================================================================== Summary ========================================================================Insecure backend database in the Paxton Net2 software. Possible leaking of PII incorrect access control.
No physical access to computer running Paxton Net2 is required. ======================================================================== Product ======================================================================== * Paxton Net2 (all current versions) ======================================================================== Detailed description ========================================================================By exploiting MSSQL single usermode it is possible to gain administrator rights to the Net2 database. In this database plaintext PIN codes for building entrance can be found and changed. It is also possible to add users to the system and enable/disable users in the system. By reading tables in the MSSQL table PII is leaked. In order to gain access local access to the computer running Net2 is necessary, but this can also be over a network using e.g. Anydesk which makes
physical access not necessary.The vendor has not acknowledged the vulnerability after contact. There is no fix planned.
======================================================================== Solution ========================================================================As the vendor has not acknowledged the vulnerability there is no effective remediation for this vulnerability. The most effective measure at this moment is closely monitoring who has local access to the machine running the Net2
software. ======================================================================== Mitigation ========================================================================There is no known effective mitigation. Limiting who has local access to the machine running the Net2 software seems
the most effective measure. ======================================================================== Weblinks ========================================================================It has been decided not to release the exploit code yet as there is no mitigration possible. Discoverers are willing to
share exploit code at request to help with mitigration. ======================================================================== Discoverers ======================================================================== Jeroen Hermans, CloudAware j.hermans[at]cloudaware[dot]eu Emiel van Berlo, Danego emiel[at]danego[dot]nl ======================================================================== History ======================================================================== Nov 12 2024: Requested latest Net2 software from Paxton Nov 26, 2024: Obtained latest Net2 software for other source Nov 26, 2024: Informed Paxton about vulnerability Nov 27, 2024: Release of exploit codeDec 2, 2024: Refused CVE reservation by Paxton & request of CVE reservation directly at Mitre
Attachment:
OpenPGP_0x52DD23305307A27C.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Current thread:
- Access Control in Paxton Net2 software Jeroen Hermans via Fulldisclosure (Dec 02)
文章来源: https://seclists.org/fulldisclosure/2024/Dec/0
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh