CVE-2021-20156

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. It is possible to manually install firmware that may be malicious in nature as there does not appear to be any signature validation done to determine if it is from a known and trusted source. This includes firmware updates that are done via the automated "check for updates" in the admin interface. If an attacker is able to masquerade as the update server, the device will not verify that the firmware updates downloaded are legitimate.

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://www.tenable.com/security/research/tra-2021-54	Third Party Advisory
https://www.tenable.com/security/research/tra-2021-54	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*

cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*

History

21 Nov 2024, 05:46

Type	Values Removed	Values Added
References	~~() https://www.tenable.com/security/research/tra-2021-54 - Third Party Advisory~~	() https://www.tenable.com/security/research/tra-2021-54 - Third Party Advisory

Information

Published : 2021-12-30 22:15

Updated : 2024-11-21 05:46

NVD link : CVE-2021-20156

Mitre link : CVE-2021-20156

CVE.ORG link : CVE-2021-20156

JSON object : View

Products Affected

trendnet

tew-827dru
tew-827dru_firmware

CWE

CWE-347

Improper Verification of Cryptographic Signature

{"id": "CVE-2021-20156", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2021-12-30T22:15:08.893", "references": [{"url": "https://www.tenable.com/security/research/tra-2021-54", "tags": ["Third Party Advisory"], "source": "vulnreport@tenable.com"}, {"url": "https://www.tenable.com/security/research/tra-2021-54", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-347"}]}], "descriptions": [{"lang": "en", "value": "Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. It is possible to manually install firmware that may be malicious in nature as there does not appear to be any signature validation done to determine if it is from a known and trusted source. This includes firmware updates that are done via the automated \"check for updates\" in the admin interface. If an attacker is able to masquerade as the update server, the device will not verify that the firmware updates downloaded are legitimate."}, {"lang": "es", "value": "Trendnet AC2600 TEW-827DRU versi\u00f3n 2.08B01, contiene una configuraci\u00f3n de control de acceso inapropiada que podr\u00eda permitir una actualizaci\u00f3n de firmware maliciosa. Es posible instalar manualmente firmware que puede ser de naturaleza maliciosa, ya que no parece haber ninguna comprobaci\u00f3n de firma realizada para determinar si es de una fuente conocida y confiable. Esto incluye las actualizaciones de firmware que se realizan por medio de la \"check for updates\" automatizada en la interfaz de administraci\u00f3n. Si un atacante es capaz de hacerse pasar por el servidor de actualizaciones, el dispositivo no verificar\u00e1 que las actualizaciones de firmware descargadas son leg\u00edtimas.\n"}], "lastModified": "2024-11-21T05:46:01.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C008C1E-18D3-4A0C-97A1-89009310C55B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FA6A79A7-46A7-446F-B512-4C75B5C214CE"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "vulnreport@tenable.com"}