Published: 2022/05/09  Last Updated: 2022/05/09

JVN#58266015
Multiple vulnerabilities in multiple MEIKYO ELECTRIC products

Overview

Multiple MEIKYO ELECTRIC products provided by MEIKYO ELECTRIC CO.,LTD. contain multiple vulnerabilities.

Products Affected

  • Rebooter
    • WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions
    • WATCH BOOT light RPC-M5C [End of Sale] all firmware versions
    • WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions
    • WATCH BOOT mini RPC-M4H [End of Sale] all firmware versions
    • WATCH BOOT nino RPC-M2CS firmware version 1.00A to 1.00D
    • WATCH BOOT light RPC-M5CS firmware version 1.00A to 1.00D
    • WATCH BOOT L-zero RPC-M4LS firmware version 1.00A to 1.20A
    • Signage Rebooter RPC-M4HSi firmware version 1.00A
  • PoE Rebooter
    • PoE BOOT nino PoE8M2 firmware version 1.00A to 1.20A
  • Scheduler
    • TIME BOOT mini RSC-MT4H [End of Sale] all firmware versions
    • TIME BOOT RSC-MT8F [End of Sale] all firmware versions
    • TIME BOOT RSC-MT8FP [End of Sale] all firmware versions
    • TIME BOOT mini RSC-MT4HS firmware version 1.00A to 1.10A
    • TIME BOOT RSC-MT8FS firmware version 1.00A to 1.00E
  • Contact Converter
    • POSE SE10-8A7B1 firmware version 1.00A to 1.20A

Description

Multiple MEIKYO ELECTRIC products provided by MEIKYO ELECTRIC CO.,LTD. contain multiple vulnerabilities listed below.

  • Cross-site request forgery (CWE-352) - CVE-2022-27632
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Base Score: 5.4
    CVSS v2 AV:N/AC:H/Au:N/C:N/I:P/A:P Base Score: 4.0
  • Cross-site scripting (CWE-79) - CVE-2022-28717
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N Base Score: 3.5
    CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5

Impact

  • If a user views a malicious page while logged in to the product's web interface, unintended operations may be performed - CVE-2022-27632
  • An arbitrary script may be executed on the web browser of the user who is accessing the product's web interface - CVE-2022-28717

Solution

CVE-2022-27632
Apply the Workaround
Apply the following workaround to avoid the impacts of this vulnerability.

  • Do not browse pages other than the product's web interface in the same web browser while logged in to the web interface

CVE-2022-28717
Update the firmware
Apply the appropriate firmware update according to the information provided by the developer.
For more information, refer to the information provided by the developer.

Stop using the products and switch to alternative products
The developer states that the following products are no longer supported, and recommends switching to unaffected alternative products.
  • Rebooter
    • WATCH BOOT nino RPC-M2C
    • WATCH BOOT light RPC-M5C
    • WATCH BOOT L-zero RPC-M4L
    • WATCH BOOT mini RPC-M4H
  • Scheduler
    • TIME BOOT mini RSC-MT4H
    • TIME BOOT RSC-MT8F
    • TIME BOOT RSC-MT8FP

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Takayuki Sasaki of Yokohama National University reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under the Information Security Early Warning Partnership.

Other Information

CVE: CVE-2022-27632, CVE-2022-28717
JVN iPedia: JVNDB-2022-000028