{"id": "CVE-2021-44564", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2022-01-06T12:15:08.190", "references": [{"url": "https://kalkitech.com/wp-content/uploads/CYB_33631_Advisory.pdf", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.kalkitech.com/cybersecurity/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products)."}, {"lang": "es", "value": "Una vulnerabilidad de seguridad reportada originalmente en el producto SYNC2101, y aplicable a subfamilias espec\u00edficas de dispositivos SYNC, permite a un atacante descargar el archivo de configuraci\u00f3n usado en el dispositivo y aplicar un archivo de configuraci\u00f3n modificado al dispositivo. El ataque requiere el acceso a la red del dispositivo SYNC y el conocimiento de su direcci\u00f3n IP. El ataque aprovecha el canal de comunicaci\u00f3n no seguro usado entre la herramienta de administraci\u00f3n Easyconnect y el dispositivo SYNC (en la familia de productos SYNC afectados)."}], "lastModified": "2022-01-14T16:46:31.343", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync241-m1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88D85FB1-6FF7-4D55-A26A-352B7EB03722", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync241-m1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4B1AA2BC-CA0A-4028-90D1-547CB0031389"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync241-m2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "911A0B2D-5290-42C5-9877-160B20F4D9AD", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync241-m2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "72558BCA-8D30-4842-BA8A-51BB4D26915C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync241-m4_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D39E14B2-2C63-42FE-ABF3-6016E4F41432", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync241-m4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "32E82DDF-D777-44DC-8FBF-C3F04663F9A9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync261-m1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFFF582F-D51E-428A-B00E-1F8519FC609A", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync261-m1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E3B18F41-ED50-42D3-B9D4-3DEF640EE228"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync2000-m1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F52CE9C4-7586-4342-8EB4-4F8E6E514A69", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync2000-m1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A971040A-55A6-4833-8750-AF1870452FD6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync2000-m2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE688854-F15C-4617-BBF5-ABB08CD8304C", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync2000-m2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EEA1AC32-480A-4FF1-8A01-5B59B2D5C139"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync2000-m4_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D164D066-98FB-4326-9BCE-D1AC32F02011", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync2000-m4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "06578C60-4641-4B0D-8CD3-C1F10A56C1E8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync2101-m1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "317C3804-E08B-4EC3-9DCA-C34758A6488F", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync2101-m1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "74E4360A-504B-46DE-B94A-6055B16AA697"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync2101-m2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "615A140F-1611-4170-BE74-E0A8AFA1E1F8", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync2101-m2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F5C62DCF-E364-4EA1-B82C-531BDB45570A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync2101-m6_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAC44331-522B-49A7-BC5E-DD3A072F9453", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync2101-m6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1AC7FC0-6572-463D-A325-51AC5B7F8E6C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync2101-m7_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAB56747-F98E-4064-A228-8C383384702B", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync2101-m7:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A4F70EF2-3CDA-40C0-8683-19D74C202ACF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync2101-m8_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7FD3B17-A78B-4CCD-965C-29DCEAFB41FC", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync2101-m8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "231542BD-36DD-4B36-A8A9-9E4FA740E04B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync2111-m2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64050E57-2E3A-4752-90FC-4F0415F83641", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync2111-m2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "49E004F8-D287-43A2-AF98-0269DAA3DA24"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync2111-m3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C7FE851-E9D8-4ADE-A57A-D869BB8CF386", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync2111-m3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "550A1D61-948A-48CE-9900-CE86FE2E3347"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync3000-m1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D05C9788-A6D1-458B-A926-706FCD175FEB", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync3000-m1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9F51E3F9-E8D7-4BF6-B435-F6926B4E2A6B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync3000-m2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F410F404-6ECA-4303-94B3-D223D78B85F8", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync3000-m2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F0595CA0-9FAA-4FA2-8598-E6C5BE144055"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync3000-m3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F141A804-2F76-4AC3-8872-3AF1A7E0257F", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync3000-m3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1D704951-FA3B-4829-96A2-5EA36075DFF8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync3000-m4_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "626BCE19-E438-4ADE-9771-671B687FF0C8", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync3000-m4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "727E9705-10AF-4889-823A-7EFC7C520410"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync3000-m12_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BDF76E6-3116-4AD2-BF74-E05757779507", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync3000-m12:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "120D54D9-B91A-405E-834C-4091C333541C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kalkitech:sync221-m1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5665FBD-37BE-4F60-B6B4-D67C1798B3B3", "versionEndIncluding": "4.15.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:kalkitech:sync221-m1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "735A8425-DA8A-4787-BBD5-1CBE83421D1E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}