Sign-up

ID

VAR-201911-1314


CVE

CVE-2019-15802


TITLE

Zyxel GS1900 Vulnerabilities related to the use of hard-coded credentials in device firmware

Trust: 0.8

sources: JVNDB: JVNDB-2019-012252

DESCRIPTION

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in sal_util_str_encrypt() in libsal.so.0.0. The parameters (salt, IV, and key data) are used to encrypt and decrypt all passwords using AES256 in CBC mode. With the parameters known, all previously encrypted passwords can be decrypted. This includes the passwords that are part of configuration backups or otherwise embedded as part of the firmware. Zyxel GS1900 Device firmware contains a vulnerability related to the use of hard-coded credentials.Information may be obtained. The ZyXEL GS1900 is a managed switch from ZyXEL, Taiwan. A security hole exists in the Zyxel GS1900 with this version of firmware prior to 2.50 (AAHH.0)C0

Trust: 2.16

sources: NVD: CVE-2019-15802 // JVNDB: JVNDB-2019-012252 // CNVD: CNVD-2019-41670

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-41670

AFFECTED PRODUCTS

vendor:zyxelmodel:gs1900-8scope:eqversion: -

Trust: 1.2

vendor:zyxelmodel:gs1900-8hpscope:eqversion: -

Trust: 1.2

vendor:zyxelmodel:gs1900-10hpscope:eqversion: -

Trust: 1.2

vendor:zyxelmodel:gs1900-24escope:ltversion:2.50\(aahk.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-24scope:ltversion:2.50\(aahl.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-24hpscope:ltversion:2.50\(aahm.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-10hpscope:ltversion:2.50\(aazi.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-16scope:ltversion:2.50\(aahj.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-48hpscope:ltversion:2.50\(aaho.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-8scope:ltversion:2.50\(aahh.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-8hpscope:ltversion:2.50\(aahi.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-48scope:ltversion:2.50\(aahn.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-10hpscope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-16scope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-24scope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-24escope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-24hpscope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-48scope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-48hpscope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-8scope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-8hpscope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900 <2.50 c0scope: - version: -

Trust: 0.6

vendor:zyxelmodel:gs1900-8scope:eqversion:2.40

Trust: 0.6

vendor:zyxelmodel:gs1900-16scope:eqversion: -

Trust: 0.6

vendor:zyxelmodel:gs1900-8hpscope:eqversion:2.40

Trust: 0.6

vendor:zyxelmodel:gs1900-10hpscope:eqversion:2.40

Trust: 0.6

sources: CNVD: CNVD-2019-41670 // JVNDB: JVNDB-2019-012252 // CNNVD: CNNVD-201911-994 // NVD: CVE-2019-15802

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-15802
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-15802
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-41670
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201911-994
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2019-15802
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-41670
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2019-15802
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-15802
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2019-41670 // JVNDB: JVNDB-2019-012252 // CNNVD: CNNVD-201911-994 // NVD: CVE-2019-15802

PROBLEMTYPE DATA

problemtype:CWE-798

Trust: 1.8

sources: JVNDB: JVNDB-2019-012252 // NVD: CVE-2019-15802

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201911-994

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201911-994

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-012252

PATCH
title:Zyxel security advisory for GS1900 switch vulnerabilitiesurl:https://www.zyxel.com/support/gs1900-switch-vulnerabilities.shtml
Trust: 0.8
title:Patch for Unknown vulnerability in ZyXEL GS1900 (CNVD-2019-41670)url:https://www.cnvd.org.cn/patchInfo/show/191503
Trust: 0.6
title:ZyXEL GS1900 Repair measures for trust management problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103487
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-41670 // 
            
            
            
            JVNDB: JVNDB-2019-012252 // 
            
            
            
            CNNVD: CNNVD-201911-994

EXTERNAL IDS
db:NVDid:CVE-2019-15802
Trust: 3.0
db:JVNDBid:JVNDB-2019-012252
Trust: 0.8
db:CNVDid:CNVD-2019-41670
Trust: 0.6
db:CNNVDid:CNNVD-201911-994
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-41670 // 
            
            
            
            JVNDB: JVNDB-2019-012252 // 
            
            
            
            CNNVD: CNNVD-201911-994 // 
            
            
            
            NVD: CVE-2019-15802

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2019-15802
Trust: 2.0
url:https://jasper.la/exploring-zyxel-gs1900-firmware-with-ghidra.html
Trust: 1.6
url:https://www.zyxel.com/support/gs1900-switch-vulnerabilities.shtml
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15802
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2019-41670 // 
            
            
            
            JVNDB: JVNDB-2019-012252 // 
            
            
            
            CNNVD: CNNVD-201911-994 // 
            
            
            
            NVD: CVE-2019-15802

SOURCES
db:CNVDid:CNVD-2019-41670
db:JVNDBid:JVNDB-2019-012252
db:CNNVDid:CNNVD-201911-994
db:NVDid:CVE-2019-15802

LAST UPDATE DATE
2024-11-23T23:04:35.455000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-41670date:2019-11-21T00:00:00
db:JVNDBid:JVNDB-2019-012252date:2019-11-27T00:00:00
db:CNNVDid:CNNVD-201911-994date:2019-11-25T00:00:00
db:NVDid:CVE-2019-15802date:2024-11-21T04:29:29.790

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-41670date:2019-11-21T00:00:00
db:JVNDBid:JVNDB-2019-012252date:2019-11-27T00:00:00
db:CNNVDid:CNNVD-201911-994date:2019-11-14T00:00:00
db:NVDid:CVE-2019-15802date:2019-11-14T21:15:11.797