Headline
CVE-2023-45194: Multiple vulnerabilities in Micro Research MR-GM series
Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 (-D/-K/-S/-DK/-DKS/-M/-W) firmware Ver. 1.03.45 and earlier allows a network-adjacent unauthenticated attacker to intercept wireless LAN communication, when the affected product performs the communication without changing the pre-shared key from the factory-default configuration.
Published: 2023/10/10 Last Updated: 2023/10/10
Overview
MR-GM series provided by Micro Research Ltd. contains multiple vulnerabilities.
Products Affected
All MR-GM2/MR-GM3 models equipped with wireless LAN functionality are affected by these vulnerabilities.
- MR-GM2 firmware Ver. 3.00.03 and earlier
- MR-GM3 series (MR-GM3-D/-K/-S/-DK/-DKS/-M/-W) firmware Ver. 1.03.45 and earlier
MR-GM3L series is not affected by these vulnerabilities.
Description
MR-GM series provided by Micro Research Ltd. contains multiple vulnerabilities listed below.
- Out-of-bounds write (CWE-787) - CVE-2021-35392, CVE-2021-35393
  CVSS v3: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L, Base Score: 4.3
- Use of default credentials (CWE-1392) - CVE-2023-45194
  CVSS v3: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N, Base Score: 6.1
Impact
- When the WPS function of the product is enabled, an attacker who has access to the product may cause the WPS function to fall into a denial-of-service (DoS) condition - CVE-2021-35392, CVE-2021-35393
- When the product performs wireless LAN communication without changing the pre-shared key from the factory-default configuration, the communication can be intercepted by an attacker - CVE-2023-45194
Solution
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
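A triage check for the conditions in this advisory, as an added example (not code from JVN or Micro Research): it flags inventory records whose model and firmware fall in the affected ranges listed above and reports which of the two findings apply. The inventory field names and the sample records are constructed assumptions.

```python
import re

# Last affected firmware per product line, as stated in this advisory.
LAST_AFFECTED = {"MR-GM2": (3, 0, 3), "MR-GM3": (1, 3, 45)}
GM3_SUFFIXES = {"D", "K", "S", "DK", "DKS", "M", "W"}

def product_line(model):
    """Map a model string to its affected product line, or None if not listed."""
    m = model.strip().upper()
    if m == "MR-GM2":
        return "MR-GM2"
    match = re.fullmatch(r"MR-GM3-([A-Z]+)", m)
    if match and match.group(1) in GM3_SUFFIXES:
        return "MR-GM3"
    return None  # includes the MR-GM3L series, which is not affected

def parse_version(text):
    """'Ver. 1.03.45' or '1.03.45' -> (1, 3, 45)."""
    nums = re.fullmatch(r"(?:Ver\.?\s*)?(\d+)\.(\d+)\.(\d+)", text.strip(), re.I)
    if not nums:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(n) for n in nums.groups())

def triage(device):
    """Return the findings from this advisory that apply to one inventory record."""
    line = product_line(device["model"])
    if line is None or parse_version(device["firmware"]) > LAST_AFFECTED[line]:
        return []  # outside the affected range given in this advisory
    findings = []
    if device["wps_enabled"]:
        findings.append("CVE-2021-35392/CVE-2021-35393: WPS enabled, DoS possible")
    if not device["psk_changed"]:
        findings.append("CVE-2023-45194: factory-default pre-shared key in use")
    return findings or ["affected firmware, no triggering condition: update"]

# Constructed inventory; field names are assumptions, not a vendor export format.
# "Ver. 1.04.00" is a made-up version that only needs to sort after 1.03.45.
INVENTORY = [
    {"model": "MR-GM3-DK", "firmware": "Ver. 1.03.45", "wps_enabled": True, "psk_changed": False},
    {"model": "MR-GM2", "firmware": "3.00.03", "wps_enabled": False, "psk_changed": True},
    {"model": "MR-GM3-W", "firmware": "Ver. 1.04.00", "wps_enabled": True, "psk_changed": False},
    {"model": "MR-GM3L", "firmware": "Ver. 1.00.00", "wps_enabled": True, "psk_changed": False},
]

if __name__ == "__main__":
    for dev in INVENTORY:
        print(dev["model"], dev["firmware"], triage(dev))
```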
References
- Realtek_APRouter_SDK_Advisory: Realtek AP-Router SDK Advisory (CVE-2021-35392/CVE-2021-35393/CVE-2021-35394/CVE-2021-35395)
Credit
CVE-2021-35392, CVE-2021-35393
Katsuhiko Sato (a.k.a. goroh_kun) of 00One, Inc. reported that these old vulnerabilities remain in the product.
JPCERT/CC coordinated with the developer.
CVE-2023-45194
Katsuhiko Sato (a.k.a. goroh_kun) of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
Other Information
CVE: CVE-2023-45194