A number of security flaws have been uncovered in a networking ingredient in Garrett Metal Detectors that could enable distant attackers to bypass authentication specifications, tamper with metallic detector configurations, and even execute arbitrary code on the products.
“An attacker could manipulate this module to remotely keep track of figures on the metallic detector, this kind of as regardless of whether the alarm has been induced or how quite a few guests have walked through,” Cisco Talos mentioned in a disclosure publicized very last week. “They could also make configuration improvements, these kinds of as altering the sensitivity degree of a unit, which perhaps poses a security risk to consumers who rely on these metal detectors.”
Talos security researcher Matt Wiseman has been credited with discovering and reporting these vulnerabilities on August 17, 2021. Patches have been unveiled by the seller on December 13, 2021.
The flaws reside in Garrett iC Module, which allows customers to talk to walk-by way of metal detectors like Garrett PD 6500i or Garrett MZ 6100 employing a computer system through the network, possibly wired or wirelessly. It permits buyers to regulate and monitor the gadgets from a distant place in genuine-time.
The record of security vulnerabilities is below –
- CVE-2021-21901 (CVSS score: 9.8), CVE-2021-21903 (CVSS rating: 9.8), CVE-2021-21905, and CVE-2021-21906 (CVSS scores: 8.2) – Stack-based buffer overflow vulnerabilities that can be activated by sending a destructive packet to the product
- CVE-2021-21902 (CVSS rating: 7.5) – An authentication bypass vulnerability stemming from a race affliction that can be brought on by sending a sequence of requests
- CVE-2021-21904 (CVSS score: 9.1), CVE-2021-21907 (CVSS rating: 4.9), CVE-2021-21908, and CVE-2021-21909 (CVSS scores: 6.5) – Directory traversal vulnerabilities that could be exploited by sending specifically crafted commands
Prosperous exploitation of the aforementioned flaws in iC Module CMA variation 5. could let an attacker to hijack an authenticated user’s session, go through, generate, or delete arbitrary data files on the device, and even worse, direct to remote code execution.
In mild of the severity of the security vulnerabilities, buyers are extremely proposed to update to the most up-to-date variation of the firmware as before long as attainable.
Identified this posting fascinating? Follow THN on Facebook, Twitter and LinkedIn to read much more exclusive content we submit.
Some sections of this write-up are sourced from: