An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using service accounts.
The flaw exists in the authorization mechanism of the easyweb v2.1.53 application running on the operating system version OS v20231011. An attacker can remotely bypass the authentication procedure without possessing any credentials and gain access through service accounts. This results in the ability to perform administrative operations as if the attacker were an authorized user with the highest privileges.
An unauthorized attacker can perform arbitrary administrative actions on the device, which in an industrial environment can lead to disruption of production processes, modification of HMI controller configuration, and violation of data confidentiality and integrity.
Apply patches available from the manufacturer according to the references. Until the patch is applied, it is recommended to isolate HMI devices from untrusted networks, restrict network access to the easyweb panel using a firewall, and implement OT/IT network segmentation.
Weintek cMT-3072XH2 with easyweb software version 2.1.53 and operating system firmware OS v20231011
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HWeintek Cmt 3072xh2
HWWeintekwszystkie wersjeWeintek Cmt 3072xh2 Firmware
OSWeintek20231011Weintek Easyweb
APPWeintek2.1.53
Related vulnerabilities
Command injection z uprawnieniami root w Weintek cMT-3072XH2 easyweb
Wykonanie dowolnych poleceń przez endpoint reset_pj.cgi w Weintek cMT-3072XH2
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection...
Incorrect access control in the component download_wb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, ...
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP pr...