{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42418", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2024-08-12T21:29:23.306Z", "datePublished": "2024-08-22T19:52:32.736Z", "dateUpdated": "2024-08-22T20:14:28.840Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Outpost 0810", "vendor": "Avtec", "versions": [{"lessThan": "v5.0.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Outpost Uploader Utility", "vendor": "Avtec", "versions": [{"lessThan": "v5.0.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jonathan Fournier of Field Effect reported these vulnerabilities to CISA."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information</span>.</span>"}], "value": "Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-321", "description": "CWE-321", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2024-08-22T19:52:32.736Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-235-04"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Avtec recommends users update to Outpost v5.0 to resolve.</p><ul><li>When upgrading to Outpost Version 5.0.0 or later, reset the list of users to the default. More information and instructions can be found on Avtec's <a target=\"_blank\" rel=\"nofollow\" href=\"https://connect.avtecinc.com/bundle/Outpost_Uploader_Utility_User_Guide/page/Content/Outpost_User_Guide/Reset_Web_Auth.html\">Outpost Uploader Utility User Guide</a>&nbsp;for more information.</li><li>Restrict access to port 80 or disable web interface if possible.</li></ul><p>Additionally, Avtec recommends checking devices for Scout firmware versions prior to 5.8.1, which was commonly coupled with Outpost firmware. If so, the devices may also need to be updated to the latest firmware. For more information, please visit <a target=\"_blank\" rel=\"nofollow\" href=\"https://connect.avtecinc.com/bundle/Scout_Release_Notes_5_8/resource/Release_Notes_Scout.pdf\">Scout Release Notes</a>.</p>\n\n<br>"}], "value": "Avtec recommends users update to Outpost v5.0 to resolve.\n\n * When upgrading to Outpost Version 5.0.0 or later, reset the list of users to the default. More information and instructions can be found on Avtec's Outpost Uploader Utility User Guide https://connect.avtecinc.com/bundle/Outpost_Uploader_Utility_User_Guide/page/Content/Outpost_User_Guide/Reset_Web_Auth.html \u00a0for more information.\n * Restrict access to port 80 or disable web interface if possible.\n\n\nAdditionally, Avtec recommends checking devices for Scout firmware versions prior to 5.8.1, which was commonly coupled with Outpost firmware. If so, the devices may also need to be updated to the latest firmware. For more information, please visit Scout Release Notes https://connect.avtecinc.com/bundle/Scout_Release_Notes_5_8/resource/Release_Notes_Scout.pdf ."}], "source": {"advisory": "ICSA-24-235-04", "discovery": "EXTERNAL"}, "title": "Avtec Outpost Use of Hard-coded Cryptographic Key", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "avtec", "product": "outpost_0810", "cpes": ["cpe:2.3:a:avtec:outpost_0810:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "5.0.0", "versionType": "custom"}]}, {"vendor": "avtec", "product": "outpost_uploader_utility", "cpes": ["cpe:2.3:a:avtec:outpost_uploader_utility:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "5.0.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-22T20:11:55.031814Z", "id": "CVE-2024-42418", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T20:14:28.840Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42418", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-22T20:11:55.031814Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:avtec:outpost_0810:*:*:*:*:*:*:*:*"], "vendor": "avtec", "product": "outpost_0810", "versions": [{"status": "affected", "version": "0", "lessThan": "5.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:avtec:outpost_uploader_utility:*:*:*:*:*:*:*:*"], "vendor": "avtec", "product": "outpost_uploader_utility", "versions": [{"status": "affected", "version": "0", "lessThan": "5.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T20:14:20.519Z"}}], "cna": {"title": "Avtec Outpost Use of Hard-coded Cryptographic Key", "source": {"advisory": "ICSA-24-235-04", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Jonathan Fournier of Field Effect reported these vulnerabilities to CISA."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Avtec", "product": "Outpost 0810", "versions": [{"status": "affected", "version": "0", "lessThan": "v5.0.0", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Avtec", "product": "Outpost Uploader Utility", "versions": [{"status": "affected", "version": "0", "lessThan": "v5.0.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Avtec recommends users update to Outpost v5.0 to resolve.\n\n * When upgrading to Outpost Version 5.0.0 or later, reset the list of users to the default. More information and instructions can be found on Avtec's Outpost Uploader Utility User Guide https://connect.avtecinc.com/bundle/Outpost_Uploader_Utility_User_Guide/page/Content/Outpost_User_Guide/Reset_Web_Auth.html \u00a0for more information.\n * Restrict access to port 80 or disable web interface if possible.\n\n\nAdditionally, Avtec recommends checking devices for Scout firmware versions prior to 5.8.1, which was commonly coupled with Outpost firmware. If so, the devices may also need to be updated to the latest firmware. For more information, please visit Scout Release Notes https://connect.avtecinc.com/bundle/Scout_Release_Notes_5_8/resource/Release_Notes_Scout.pdf .", "supportingMedia": [{"type": "text/html", "value": "<p>Avtec recommends users update to Outpost v5.0 to resolve.</p><ul><li>When upgrading to Outpost Version 5.0.0 or later, reset the list of users to the default. More information and instructions can be found on Avtec's <a target=\"_blank\" rel=\"nofollow\" href=\"https://connect.avtecinc.com/bundle/Outpost_Uploader_Utility_User_Guide/page/Content/Outpost_User_Guide/Reset_Web_Auth.html\">Outpost Uploader Utility User Guide</a>&nbsp;for more information.</li><li>Restrict access to port 80 or disable web interface if possible.</li></ul><p>Additionally, Avtec recommends checking devices for Scout firmware versions prior to 5.8.1, which was commonly coupled with Outpost firmware. If so, the devices may also need to be updated to the latest firmware. For more information, please visit <a target=\"_blank\" rel=\"nofollow\" href=\"https://connect.avtecinc.com/bundle/Scout_Release_Notes_5_8/resource/Release_Notes_Scout.pdf\">Scout Release Notes</a>.</p>\n\n<br>", "base64": false}]}], "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-235-04"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information</span>.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-321", "description": "CWE-321"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2024-08-22T19:52:32.736Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42418", "state": "PUBLISHED", "dateUpdated": "2024-08-22T20:14:28.840Z", "dateReserved": "2024-08-12T21:29:23.306Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2024-08-22T19:52:32.736Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avtecinc:outpost_uploader_utility:*:*:*:*:*:*:*:*", "matchCriteriaId": "08BEDD1A-D8FF-4683-84D5-D42AC536A211", "versionEndExcluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:avtecinc:outpost_0810_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "81EE9F23-85D5-4BC0-9516-57009CDC1137", "versionEndExcluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:avtecinc:outpost_0810:-:*:*:*:*:*:*:*", "matchCriteriaId": "3009B785-3559-41A4-AA55-FEA043D71739", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information."}, {"lang": "es", "value": "Avtec Outpost utiliza una clave criptogr\u00e1fica predeterminada que se puede utilizar para descifrar informaci\u00f3n confidencial."}], "id": "CVE-2024-42418", "lastModified": "2024-09-04T18:22:22.583", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "NONE", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "NONE"}, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2024-08-22T20:15:09.470", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-235-04"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-321"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}

{}

{}