Published: 2024/05/31  Last Updated: 2024/05/31

JVNVU#94872523
Seiko Solutions SkyBridge MB-A100/MB-A110 and SkyBridge BASIC MB-A130 vulnerable to OS command injection

Overview

SkyBridge MB-A100/MB-A110 and SkyBridge BASIC MB-A130 provided by Seiko Solutions Inc. contain a command injection vulnerability.

Products Affected

  • SkyBridge MB-A100/MB-A110 firmware Ver. 4.2.2 and earlier
  • SkyBridge BASIC MB-A130 firmware Ver. 1.5.5 and earlier

Description

SkyBridge MB-A100/MB-A110 and SkyBridge BASIC MB-A130 provided by Seiko Solutions Inc. contain a command injection vulnerability (CWE-77).

Impact

If the remote monitoring and control function is enabled on the product, an attacker with access to the product may execute an arbitrary command or log in to the product with administrator privileges.

Solution

Update the firmware

Update the firmware to the latest version according to the information provided by the developer.
The developer released the following versions, which contain a fix for this vulnerability.

  • SkyBridge MB-A100/MB-A110 Ver. 4.2.3 and later
  • SkyBridge BASIC MB-A130 Ver. 1.5.7 and later

Apply the workaround

Users who are not able to update to the fixed version are encouraged to apply the following workaround or mitigation provided by the developer.

[Workaround]
  • Disable the remote monitoring and control function
  • Enable authentication or encryption in the remote monitoring and control function

[Mitigation]
  • Use a closed network

For more information, refer to the information provided by the developer.

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score: 9.8

  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality Impact (C): High (H)
  • Integrity Impact (I): High (H)
  • Availability Impact (A): High (H)

Comment

This analysis assumes a situation where access is from the WAN side.

Credit

Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

CVE: CVE-2024-32850