CVE-2016-1984 - The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcod

CVE-2016-1984

Summary

The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2015-8362.

References

Vulnerable Configurations

cpe:2.3:o:harman:amx_firmware:1.2.322:*:*:*:*:*:*:*
cpe:2.3:o:harman:amx_firmware:1.2.322:*:*:*:*:*:*:*
cpe:2.3:o:harman:amx_firmware:1.3.100:*:*:*:*:*:*:*
cpe:2.3:o:harman:amx_firmware:1.3.100:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 06-12-2016 - 03:07)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

cert-vn	VU#992624
confirm	http://www.amx.com/techcenter/NXSecurityBrief/ http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files
fulldisc	20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices
misc	http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02 https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt

Last major update

06-12-2016 - 03:07

Published

22-01-2016 - 11:59

Last modified

06-12-2016 - 03:07