Ekahau Real-Time Location System Encryption Algorithm cryptographic issues
CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
5.7 | $0-$5k | 0.00 |
A vulnerability, which was classified as problematic, has been found in Ekahau Real-Time Location System. This issue affects some unknown functionality of the component Encryption Algorithm. The manipulation with an unknown input leads to a cryptographic issues vulnerability. Using CWE to declare the problem leads to CWE-310. Impacted is confidentiality, and integrity. The advisory summarizes:
Ekahau’s real-time location tracking uses battery-powered Wi-Fi tokens to track assets or staff. Signal measurements (RSSI) of the 802.11 based Wi-Fi communication are processed in the Ekahau RTLS software component, which calculates the exact position of the token.
The weakness was released 04/03/2014 by David Gullasch and Max Moser with modzero AG as MZ-14-01 as not defined advisory (Website). It is possible to read the advisory at securityfocus.com. The public release was coordinated with Ekahau. The identification of this vulnerability is CVE-2014-2716 since 04/01/2014. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details are unknown but a private exploit is available. The attack technique deployed by this issue is T1600 according to MITRE ATT&CK. The advisory points out:
Ekahau's Real-Time Location System to encrypt messages in an insecure fashion. An attacker is able to read and generate arbitrary messages including button events, text/alarm messages or sending reconfiguration events.
A private exploit has been developed by David Gullasch/Max Moser. It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 30 days. During that time the estimated underground price was around $0-$5k.
The advisory contains the following remark:
Ekahau should correct their implementation to ensure message confidentiality, authenticity and integrity.
Entry connected to this vulnerability is available at 73334.
Affected
- Ekahau B4 Staff Badge 5.7, Firmware rev 1.4.52
- Ekahau RTLS Controller 6.0.5-FINAL
- Ekahau Activator 3
Product
Vendor
Name
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.5VulDB Meta Temp Score: 5.7
VulDB Base Score: 6.5
VulDB Temp Score: 5.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Cryptographic issuesCWE: CWE-310
ATT&CK: T1600
Local: No
Remote: Yes
Availability: 🔍
Access: Private
Status: Proof-of-Concept
Author: David Gullasch/Max Moser
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: no mitigation knownStatus: 🔍
0-Day Time: 🔍
Timeline
03/04/2014 🔍03/13/2014 🔍
04/01/2014 🔍
04/03/2014 🔍
04/03/2014 🔍
12/15/2014 🔍
12/19/2014 🔍
06/16/2021 🔍
Sources
Advisory: MZ-14-01⛔Researcher: David Gullasch, Max Moser
Organization: modzero AG
Status: Not defined
Coordinated: 🔍
CVE: CVE-2014-2716 (🔍)
SecurityFocus: 71674 - Ekahau Real-Time Location System CVE-2014-2716 Multiple Security Weaknesses
See also: 🔍
Entry
Created: 04/03/2014 18:00Updated: 06/16/2021 14:44
Changes: 04/03/2014 18:00 (65), 06/16/2021 14:44 (3)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.