Title | Contemporary Control Systems, Inc BASRT-B Firmware Revision: 2.7.2 Denial of Service |
---|
Description | This report uncovers a critical Denial of Service (DoS) vulnerability present in the BASRT-B BACnet router, manufactured by Contemporary Control Systems, Inc. Despite official documentation stating that the "Device-Communication-Control" service is unsupported, our investigation revealed that the device responds to commands for this service without password protection. Exploiting this vulnerability permits any user to suspend all communications on the device, potentially causing disruption across the entire BACnet network, thereby affecting crucial infrastructure operations. |
---|
Source | ⚠️ https://github.com/isZzzz/BASRT-B_BACnet_Router_Document/blob/main/BASRT_CVE_apply.pdf |
---|
User | isZzzzz (UID 64489) |
---|
Submission | 04/21/2024 03:00 PM (8 months ago) |
---|
Moderation | 04/27/2024 08:02 AM (6 days later) |
---|
Status | Accepted |
---|
VulDB Entry | 262224 [Contemporary Controls BASrouter BACnet BASRT-B 2.7.2 Device-Communication-Control Service denial of service] |
---|
Points | 20 |
---|