A vulnerability, which was classified as critical, has been found in FURUNO FELCOM 250 and FELCOM 500 (the affected version is unknown). Affected by this issue is an unknown code of the file /cgi-bin/sm_changepassword.cgi of the component Password Handler. The manipulation with an unknown input leads to a access control vulnerability. Using CWE to declare the problem leads to CWE-284. The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. Impacted is confidentiality, integrity, and availability. CVE summarizes:

FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected "SMS" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi.

The bug was discovered 09/06/2018. The weakness was released 09/10/2018 (Website). The advisory is available at cyberskr.com. This vulnerability is handled as CVE-2018-16591 since 09/06/2018. The attack may be launched remotely. No form of authentication is required for exploitation. Technical details are known, but there is no available exploit. This vulnerability is assigned to T1068 by the MITRE ATT&CK project.

The vulnerability was handled as a non-public zero-day exploit for at least 4 days. During that time the estimated underground price was around $0-$5k.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Entries connected to this vulnerability are available at 123681 and 123808.

Productinfo

Vendor

• FURUNO

Name

• FELCOM 250
• FELCOM 500

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion