github - ghsa-prgf-4jmg-r3v9

ghsa-prgf-4jmg-r3v9

Vulnerability from github

Published

2025-02-07 03:32

Modified

2025-02-07 03:32

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Details

Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized access to the password management functionality. Attackers can exploit this issue by manipulating the endpoint to overwrite any user's password within the system. This grants them unauthorized administrative access to protected areas of the application, compromising the device's system security.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-0674"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-288"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-07T00:15:27Z",
    "severity": "CRITICAL"
  },
  "details": "Multiple Elber products are affected by an authentication bypass \nvulnerability which allows unauthorized access to the password \nmanagement functionality. Attackers can exploit this issue by \nmanipulating the endpoint to overwrite any user\u0027s password within the \nsystem. This grants them unauthorized administrative access to protected\n areas of the application, compromising the device\u0027s system security.",
  "id": "GHSA-prgf-4jmg-r3v9",
  "modified": "2025-02-07T03:32:03Z",
  "published": "2025-02-07T03:32:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0674"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

CVE-2025-0674 (GCVE-0-2025-0674)

Vulnerability from cvelistv5

Published

2025-02-06 23:42

Modified

2025-02-12 19:41

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-288

Summary

Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized access to the password management functionality. Attackers can exploit this issue by manipulating the endpoint to overwrite any user's password within the system. This grants them unauthorized administrative access to protected areas of the application, compromising the device's system security.

References

URL

Tags

https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03

Impacted products

Vendor

Product

Version

Signum DVB-S/S2 IRD

Version: 0 <

	Elber	Cleber/3 Broadcast Multi-Purpose Platform	Version: 1.0
	Elber	Reble610 M/ODU XPIC IP-ASI-SDH	Version: 0.01
	Elber	ESE DVB-S/S2 Satellite Receiver	Version: 0 <
	Elber	Wayber Analog/Digital Audio STL	Version: 4

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0674",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T15:16:22.044171Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T19:41:07.823Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Signum DVB-S/S2 IRD",
          "vendor": "Elber",
          "versions": [
            {
              "lessThanOrEqual": "1.999",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cleber/3 Broadcast Multi-Purpose Platform",
          "vendor": "Elber",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Reble610 M/ODU XPIC IP-ASI-SDH",
          "vendor": "Elber",
          "versions": [
            {
              "status": "affected",
              "version": "0.01"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ESE DVB-S/S2 Satellite Receiver",
          "vendor": "Elber",
          "versions": [
            {
              "lessThanOrEqual": "1.5.179",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Wayber Analog/Digital Audio STL",
          "vendor": "Elber",
          "versions": [
            {
              "status": "affected",
              "version": "4"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Gjoko Krstic of Zero Science Lab reported these vulnerabilities to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Multiple Elber products are affected by an authentication bypass \nvulnerability which allows unauthorized access to the password \nmanagement functionality. Attackers can exploit this issue by \nmanipulating the endpoint to overwrite any user\u0027s password within the \nsystem. This grants them unauthorized administrative access to protected\n areas of the application, compromising the device\u0027s system security."
            }
          ],
          "value": "Multiple Elber products are affected by an authentication bypass \nvulnerability which allows unauthorized access to the password \nmanagement functionality. Attackers can exploit this issue by \nmanipulating the endpoint to overwrite any user\u0027s password within the \nsystem. This grants them unauthorized administrative access to protected\n areas of the application, compromising the device\u0027s system security."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-06T23:42:33.517Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03"
        }
      ],
      "source": {
        "advisory": "ICSA-25-035-03",
        "discovery": "EXTERNAL"
      },
      "title": "Elber Communications Equipment Authentication Bypass Using an Alternate Path or Channel",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Elber does not plan to mitigate these vulnerabilities because this \nequipment is either end of life or almost end of life. Users of affected\n versions of Elber Signum DVB-S/S2 IRD, Cleber/3 Broadcast Multi-Purpose\n Platform, Reble610 M/ODU XPIC IP-ASI-SDH, ESE DVB-S/S2 Satellite \nReceiver, and Wayber Analog/Digital Audio STL are invited to contact \nElber \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://elber.it/en/elber-contacts.php\"\u003ecustomer support\u003c/a\u003e for additional information.\n\n\u003cbr\u003e"
            }
          ],
          "value": "Elber does not plan to mitigate these vulnerabilities because this \nequipment is either end of life or almost end of life. Users of affected\n versions of Elber Signum DVB-S/S2 IRD, Cleber/3 Broadcast Multi-Purpose\n Platform, Reble610 M/ODU XPIC IP-ASI-SDH, ESE DVB-S/S2 Satellite \nReceiver, and Wayber Analog/Digital Audio STL are invited to contact \nElber  customer support https://elber.it/en/elber-contacts.php  for additional information."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2025-0674",
    "datePublished": "2025-02-06T23:42:33.517Z",
    "dateReserved": "2025-01-23T15:00:24.797Z",
    "dateUpdated": "2025-02-12T19:41:07.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.