Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:902793
HistoryApr 06, 2010 - 12:00 a.m.

IntelliCom NetBiter devices have default HICP passwords

2010-04-0600:00:00
www.kb.cert.org
30

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

84.9%

JSON

Overview

IntelliCom NetBiter devices ship with default passwords for the HICP network configuration service. An attacker with network access could change network settings and prevent legitimate users from accessing the HICP service.

Description

IntelliCom NetBiter products use the proprietary HICP protocol to configure ethernet and IP network settings. NetBiter devices ship with default, well-known HICP passwords. The password is not hard-coded (persistent) as described in the original post by Rubén Santamarta. The password is set by default but can be changed.

Impact

An attacker with network access could change network settings and prevent legitimate users from accessing the HICP service. HICP transmits the password in plain text, so the attacker may also be able to monitor HICP communication and read the changed password.

Solution

Change default passwords

Change the default password before deploying NetBiter devices in an production environment. Please see IntelliCom Security Bulletin ISFR-4404-0008.

Restrict access

Restrict access to SCADA, DCS, and other control system networks, particularly networks using open protocols like HICP.

Vendor Information

902793

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

IntelliCom Innovation AB __ Affected

Updated: April 29, 2010

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

Please see IntelliCom Security Bulletin ISFR-4404-0008.

Vendor References

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This information was published by Rubén Santamarta. The default password is also documented in NetBiter user manuals. ICS-CERT researched this vulnerability and confirmed that the HICP password can be changed and is not persistent.

This document was written by Art Manion.

Other Information

CVE IDs: CVE-2009-4463
Date Public: 2009-12-12 Date First Published:

Related

cve 5
prion 5
nvd 5
cvelist 5
cve
cve
CVE-2009-4463
2009-12-30 20:00:01
CVE-2010-4730
2022-10-03 16:21:06
CVE-2010-4733
2022-10-03 16:21:04
prion
prion
Hardcoded credentials
2009-12-30 20:00:00
Design/Logic Flaw
2011-02-15 01:00:00
Path traversal
2011-02-15 01:00:00
nvd
nvd
CVE-2009-4463
2009-12-30 20:00:01
CVE-2010-4730
2011-02-15 01:00:01
CVE-2010-4733
2011-02-15 01:00:01
cvelist
cvelist
CVE-2009-4463
2009-12-30 19:00:00
CVE-2010-4730
2022-10-03 16:21:06
CVE-2010-4731
2022-10-03 16:21:05

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

84.9%

JSON
Related for VU:902793
cve5prion5nvd5cvelist5