{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-33897", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-22T23:03:06.344Z", "dateReserved": "2024-04-28T00:00:00", "datePublished": "2024-08-06T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-08-12T15:29:37.232342"}, "descriptions": [{"lang": "en", "value": "A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.ewon.biz/products/cosy/ewon-cosy-wifi"}, {"url": "https://www.hms-networks.com/cyber-security"}, {"url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf"}, {"url": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-425", "lang": "en", "description": "CWE-425 Direct Request ('Forced Browsing')"}]}], "affected": [{"vendor": "hms-networks", "product": "ewon_cosy_firmware", "cpes": ["cpe:2.3:o:hms-networks:ewon_cosy_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "21.0", "status": "affected", "lessThan": "21.2s10", "versionType": "custom"}, {"version": "22.0", "status": "affected", "lessThan": "22.1s3", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-06T19:09:32.260175Z", "id": "CVE-2024-33897", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-07T13:48:18.202Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Aug/24"}, {"url": "http://seclists.org/fulldisclosure/2024/Aug/27"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-22T23:03:06.344Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Aug/24"}, {"url": "http://seclists.org/fulldisclosure/2024/Aug/27"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-22T23:03:06.344Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-33897", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-06T19:09:32.260175Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:hms-networks:ewon_cosy_firmware:*:*:*:*:*:*:*:*"], "vendor": "hms-networks", "product": "ewon_cosy_firmware", "versions": [{"status": "affected", "version": "21.0", "lessThan": "21.2s10", "versionType": "custom"}, {"status": "affected", "version": "22.0", "lessThan": "22.1s3", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-425", "description": "CWE-425 Direct Request ('Forced Browsing')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-07T13:47:33.505Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.ewon.biz/products/cosy/ewon-cosy-wifi"}, {"url": "https://www.hms-networks.com/cyber-security"}, {"url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf"}, {"url": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/"}], "descriptions": [{"lang": "en", "value": "A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-08-12T15:29:37.232342"}}}, "cveMetadata": {"cveId": "CVE-2024-33897", "state": "PUBLISHED", "dateUpdated": "2024-08-22T23:03:06.344Z", "dateReserved": "2024-04-28T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-08-06T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hms-networks:ewon_cosy\\+_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "04E2B00A-5F5D-455D-84DA-4ABFA82A1863", "versionEndExcluding": "21.2s10", "versionStartIncluding": "21.0s0", "vulnerable": true}, {"criteria": "cpe:2.3:o:hms-networks:ewon_cosy\\+_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1873C613-5DB5-4BFB-A538-860E1BF6555B", "versionEndExcluding": "22.1s3", "versionStartIncluding": "22.0s0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hms-networks:ewon_cosy\\+_4g_apac:-:*:*:*:*:*:*:*", "matchCriteriaId": "26AE4359-63AD-4451-AACD-D621B9D422C7", "vulnerable": false}, {"criteria": "cpe:2.3:h:hms-networks:ewon_cosy\\+_4g_eu:-:*:*:*:*:*:*:*", "matchCriteriaId": "95A7AEB3-53A0-4B77-8DFB-8E92E4B24462", "vulnerable": false}, {"criteria": "cpe:2.3:h:hms-networks:ewon_cosy\\+_4g_jp:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0C2B08D-D645-4C04-B010-4FF85642F7B5", "vulnerable": false}, {"criteria": "cpe:2.3:h:hms-networks:ewon_cosy\\+_4g_na:-:*:*:*:*:*:*:*", "matchCriteriaId": "B85678D5-71F7-47EA-A21F-272BA9C02B33", "vulnerable": false}, {"criteria": "cpe:2.3:h:hms-networks:ewon_cosy\\+_ethernet:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F5917C5-AD12-4FB3-9DBB-D757DC053427", "vulnerable": false}, {"criteria": "cpe:2.3:h:hms-networks:ewon_cosy\\+_wifi:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1475F50-11AB-4290-8D1D-FFCA2245B0B3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024."}, {"lang": "es", "value": "Un dispositivo HMS Networks Cosy+ comprometido podr\u00eda usarse para solicitar una solicitud de firma de certificado de Talk2m para otro dispositivo, lo que generar\u00eda un problema de disponibilidad. El problema se solucion\u00f3 en el servidor de producci\u00f3n de Talk2m el 18 de abril de 2024."}], "id": "CVE-2024-33897", "lastModified": "2024-11-21T09:17:41.393", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-08-06T14:16:03.870", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.ewon.biz/products/cosy/ewon-cosy-wifi"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://www.hms-networks.com/cyber-security"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Aug/24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Aug/27"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-425"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-425"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}