CVE-2021-26637 - OpenCVE

There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Shinasys	Sihas Acm-300 Sihas Acm-300 Firmware Sihas Gcm-300 Sihas Gcm-300 Firmware Sihas Sgw-300 Sihas Sgw-300 Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:shinasys:sihas_sgw-300_firmware:-:::::android::
	cpe:2.3:o:shinasys:sihas_sgw-300_firmware:-:::::iphone_os::

cpe:2.3:h:shinasys:sihas_sgw-300:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:shinasys:sihas_acm-300_firmware:-:::::android::
	cpe:2.3:o:shinasys:sihas_acm-300_firmware:-:::::iphone_os::

cpe:2.3:h:shinasys:sihas_acm-300:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

OR	cpe:2.3:o:shinasys:sihas_gcm-300_firmware:-:::::android::
	cpe:2.3:o:shinasys:sihas_gcm-300_firmware:-:::::iphone_os::

cpe:2.3:h:shinasys:sihas_gcm-300:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66782

History

No history.

MITRE

Status: PUBLISHED

Assigner: krcert

Published: 2022-06-22T13:55:58

Updated: 2024-08-03T20:26:25.557Z

Reserved: 2021-02-03T00:00:00

Link: CVE-2021-26637

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-06-23T17:15:11.223

Modified: 2023-06-26T17:49:21.467

Link: CVE-2021-26637

Redhat

No data.

{"containers": {"cna": {"affected": [{"platforms": ["Android, iOS"], "product": "SiHAS firmware", "vendor": "Shina System Co.,Ltd", "versions": [{"status": "affected", "version": "1.xx"}]}, {"platforms": ["Android, iOS"], "product": "SiHAS old app", "vendor": "Shina System Co.,Ltd", "versions": [{"status": "affected", "version": "old app"}]}], "descriptions": [{"lang": "en", "value": "There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-06-22T13:55:58", "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863", "shortName": "krcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66782"}], "source": {"discovery": "UNKNOWN"}, "title": "SiHAS Improper Authentication vulnerability", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vuln@krcert.or.kr", "ID": "CVE-2021-26637", "STATE": "PUBLIC", "TITLE": "SiHAS Improper Authentication vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SiHAS firmware", "version": {"version_data": [{"platform": "Android, iOS", "version_affected": "=", "version_value": "1.xx"}]}}]}, "vendor_name": "Shina System Co.,Ltd"}, {"product": {"product_data": [{"product_name": "SiHAS old app", "version": {"version_data": [{"platform": "Android, iOS", "version_affected": "=", "version_value": "old app"}]}}]}, "vendor_name": "Shina System Co.,Ltd"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-287 Improper Authentication"}]}]}, "references": {"reference_data": [{"name": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66782", "refsource": "MISC", "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66782"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:26:25.557Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66782"}]}]}, "cveMetadata": {"assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863", "assignerShortName": "krcert", "cveId": "CVE-2021-26637", "datePublished": "2022-06-22T13:55:58", "dateReserved": "2021-02-03T00:00:00", "dateUpdated": "2024-08-03T20:26:25.557Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:shinasys:sihas_sgw-300_firmware:-:*:*:*:*:android:*:*", "matchCriteriaId": "36D976E5-C402-422D-993F-71F836334BF4", "vulnerable": true}, {"criteria": "cpe:2.3:o:shinasys:sihas_sgw-300_firmware:-:*:*:*:*:iphone_os:*:*", "matchCriteriaId": "18C05738-5718-479A-B48C-0AA2E9C4C614", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:shinasys:sihas_sgw-300:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF740CC8-9151-4D14-AD14-7E8AC838D2EE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:shinasys:sihas_acm-300_firmware:-:*:*:*:*:android:*:*", "matchCriteriaId": "7C17DEF3-634A-4814-8B98-80C4986A48B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:shinasys:sihas_acm-300_firmware:-:*:*:*:*:iphone_os:*:*", "matchCriteriaId": "134B4622-2DF7-41B2-BA3F-7289A328E450", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:shinasys:sihas_acm-300:-:*:*:*:*:*:*:*", "matchCriteriaId": "339BDFEA-58EA-4753-9827-E2BA2D4AB511", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:shinasys:sihas_gcm-300_firmware:-:*:*:*:*:android:*:*", "matchCriteriaId": "18787921-E115-4AA1-8806-A3554FBEF3A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:shinasys:sihas_gcm-300_firmware:-:*:*:*:*:iphone_os:*:*", "matchCriteriaId": "92973883-E5B1-4960-A29F-9F7B2D24D070", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:shinasys:sihas_gcm-300:-:*:*:*:*:*:*:*", "matchCriteriaId": "20B83DC0-AE88-46BB-977B-CC0ADCFEA641", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device."}, {"lang": "es", "value": "No se presenta una l\u00f3gica de autenticaci\u00f3n de cuentas y comprobaci\u00f3n de permisos en el firmware y en las aplicaciones existentes de SiHAS SGW-300, ACM-300 y GCM-300, por lo que usuarios no autorizados pueden controlar el dispositivo de forma remota"}], "id": "CVE-2021-26637", "lastModified": "2023-06-26T17:49:21.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "vuln@krcert.or.kr", "type": "Secondary"}]}, "published": "2022-06-23T17:15:11.223", "references": [{"source": "vuln@krcert.or.kr", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66782"}], "sourceIdentifier": "vuln@krcert.or.kr", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}, {"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "vuln@krcert.or.kr", "type": "Secondary"}]}