Notified: January 20, 2017 Updated: February 01, 2017
Statement Date: January 31, 2017
Affected
This vulnerability was addressed in the basic design of our Addon keypad since its inception. The SH Designs program cannot be used to modify the firmware in our keypad without specialized knowledge of specific procedures necessary to initiate a firmware replacement. We have further strengthened the procedure as of firmware version 5.5.05 to include the necessity to also enter the administrator password to initiate a firmware replacement. To identify which type of protection your keypad has, verify the program version in the keypad by looking at the printed header at power-up. To be clear, the SH Designs program that has the vulnerability would normally only be used by trained service personnel on a very infrequent basis. Field updates to the firmware in the keypad are not often done. Also, specific knowledge of the keypad operation is necessary to use the SH Designs program to perform a firmware update. Furthermore, the knowledge and time investment necessary to create and install a program that might be able to perform a malicious action with an embedded processor like the one used in our keypad creates a very unlikely scenario that it would ever be attempted. Our product does not even use a standard operating system. The keypad is also normally used in a secure location that would have UDP access restricted at the router to the subnet level.
We are not aware of further vendor information regarding this vulnerability.
Notified: December 05, 2016 Updated: December 05, 2016
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: April 07, 2017 Updated: April 07, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
We have reached out to the vendor regarding the SHDesigns RDM vulnerability. Additionally, the cookie authentication bypass vulnerability reported in the tmcnet.com blog was assigned CVE IDs as follows: CVE-2007-6759 = Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCRABBIT cookie. CVE-2007-6760 = Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCCOOKIE cookie.
Notified: January 20, 2017 Updated: January 20, 2017
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: January 20, 2017 Updated: January 20, 2017
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: January 20, 2017 Updated: January 20, 2017
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: January 13, 2017 Updated: January 26, 2017
Statement Date: January 13, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.