CVE-2018-20443 in TC7200.d1I
Summary
by MITRE
Technicolor TC7200.d1I TC7200.d1IE-N23E-c7000r5712-170406-HAT devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 04/24/2020
The vulnerability identified as CVE-2018-20443 affects Technicolor TC7200.d1I and TC7200.d1IE-N23E-c7000r5712-170406-HAT devices, representing a critical security flaw in network infrastructure equipment. These devices are commonly deployed as residential gateways and provide both internet connectivity and wireless networking services to end users. The vulnerability stems from improper access controls within the device's Simple Network Management Protocol implementation, which exposes sensitive configuration data through unauthenticated SNMP queries.
This security weakness allows remote attackers to extract Wi-Fi credentials using specific SNMP object identifiers that correspond to wireless network parameters. The affected SNMP MIB (Management Information Base) paths iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 contain sensitive information including SSID names and passphrase values. The flaw exists because the device's SNMP service does not properly validate access permissions for these specific MIB objects, allowing any remote attacker to retrieve this information without authentication.
The operational impact of this vulnerability is severe as it directly compromises the security of wireless networks managed by these devices. Attackers can obtain complete wireless network credentials, enabling them to perform man-in-the-middle attacks, gain unauthorized access to network resources, or conduct further reconnaissance against connected devices. The vulnerability affects a significant number of consumer and small business network devices, making it a widespread concern for network administrators and security professionals. This issue represents a failure in the principle of least privilege and violates security best practices for network management services.
The vulnerability aligns with CWE-284, which addresses improper access control in software systems, and maps to ATT&CK technique T1018 for valid accounts and T1046 for network service scanning. Network administrators should immediately implement mitigations including disabling SNMP access from external networks, applying firmware updates from Technicolor, and implementing network segmentation to isolate affected devices. Additional defensive measures include monitoring for unauthorized SNMP access attempts and ensuring that only trusted management stations can query these MIB objects. The incident highlights the critical importance of secure configuration management for network infrastructure devices and the necessity of regular security assessments to identify and remediate similar vulnerabilities in enterprise and consumer networks.