Details of VAR-201306-0358

ID

VAR-201306-0358

CVE

CVE-2013-4734

TITLE

Digital Alert Systems DASDEC and Monroe Electronics R189 One-Net firmware exposes private root SSH key

Trust: 0.8

sources: CERT/CC: VU#662676

DESCRIPTION

dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors. An attacker with SSH access to a device could use the key to log in with root privileges. Multiple EAS devices from multiple vendors are prone to an insecure password generation vulnerability

Trust: 3.15

sources: NVD: CVE-2013-4734 // CERT/CC: VU#662676 // JVNDB: JVNDB-2013-003172 // CNVD: CNVD-2013-08664 // BID: 60913

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-08664

AFFECTED PRODUCTS

vendor:	monroe	model:	r189 one-net eas	scope:	eq	version:	2.0-0	Trust: 1.0
vendor:	monroe	model:	r189 one-net eas	scope:	lte	version:	2.0-1	Trust: 1.0
vendor:	digital alert	model:	dasdec eas	scope:	lte	version:	2.0-1	Trust: 1.0
vendor:	digital alert	model:	dasdec eas	scope:	eq	version:	2.0-0	Trust: 1.0
vendor:	digital alert	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	monroe	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	digital alert	model:	dasdec	scope:	lt	version:	eas 2.0-2	Trust: 0.8
vendor:	monroe	model:	r189 one-net	scope:	lt	version:	eas 2.0-2	Trust: 0.8
vendor:	monroe	model:	electronics one-net e189 emergency alert system devices	scope:	-	version:	-	Trust: 0.6
vendor:	digital	model:	alert systems dasdec	scope:	-	version:	-	Trust: 0.6
vendor:	monroe	model:	electronics r189se one-netse	scope:	eq	version:	0	Trust: 0.3
vendor:	monroe	model:	electronics r189 one-net	scope:	eq	version:	0	Trust: 0.3
vendor:	digital	model:	alert systems dasdec-ii	scope:	eq	version:	0	Trust: 0.3
vendor:	digital	model:	alert systems dasdec-i	scope:	eq	version:	0	Trust: 0.3
vendor:	monroe	model:	electronics r189se one-netse	scope:	ne	version:	2.0-2	Trust: 0.3
vendor:	monroe	model:	electronics r189 one-net	scope:	ne	version:	2.0-2	Trust: 0.3
vendor:	digital	model:	alert systems dasdec-ii	scope:	ne	version:	2.0-2	Trust: 0.3
vendor:	digital	model:	alert systems dasdec-i	scope:	ne	version:	2.0-2	Trust: 0.3

sources: CERT/CC: VU#662676 // CNVD: CNVD-2013-08664 // BID: 60913 // JVNDB: JVNDB-2013-003172 // NVD: CVE-2013-4734

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-4734
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-0137
value:	HIGH
Trust: 0.8
NVD:	CVE-2013-4734
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2013-08664
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201306-519
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2013-4734
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
NVD:	CVE-2013-0137
severity:	HIGH
baseScore:	10.0
vectorString:	NONE
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2013-08664
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CERT/CC: VU#662676 // CNVD: CNVD-2013-08664 // JVNDB: JVNDB-2013-003172 // CNNVD: CNNVD-201306-519 // NVD: CVE-2013-4734

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-4734

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201306-519

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201306-519

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-003172

PATCH

title:	Monroe Electronics Provides New Software Update Enhancing Security and Functionality	url:	http://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdf	Trust: 0.8
title:	Monroe Electronics Provides New Software Update Enhancing Security and Functionality	url:	http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-PR.pdf	Trust: 0.8
title:	TA13-175A	url:	http://software.fujitsu.com/jp/security/vulnerabilities/ta13-175a.html	Trust: 0.8
title:	Multiple vendors' EAS device passwords generate patches for insecure vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/34922	Trust: 0.6
title:	Digital Alert Systems DASDEC EAS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=170991	Trust: 0.6

sources: CNVD: CNVD-2013-08664 // JVNDB: JVNDB-2013-003172 // CNNVD: CNNVD-201306-519

EXTERNAL IDS

db:	CERT/CC	id:	VU#662676	Trust: 4.1
db:	NVD	id:	CVE-2013-4734	Trust: 3.3
db:	USCERT	id:	TA13-175A	Trust: 1.6
db:	JVN	id:	JVNVU99235742	Trust: 0.8
db:	JVNDB	id:	JVNDB-2013-003172	Trust: 0.8
db:	CNVD	id:	CNVD-2013-08664	Trust: 0.6
db:	CNNVD	id:	CNNVD-201306-519	Trust: 0.6
db:	BID	id:	60913	Trust: 0.3

sources: CERT/CC: VU#662676 // CNVD: CNVD-2013-08664 // BID: 60913 // JVNDB: JVNDB-2013-003172 // CNNVD: CNNVD-201306-519 // NVD: CVE-2013-4734

REFERENCES

url:	http://www.kb.cert.org/vuls/id/662676	Trust: 3.3
url:	http://www.kb.cert.org/vuls/id/aamn-98muk2	Trust: 2.7
url:	http://www.kb.cert.org/vuls/id/aamn-98mu7h	Trust: 2.7
url:	http://www.monroe-electronics.com/monroe_electronics_pdf/130604-monroe-security-pr.pdf	Trust: 2.4
url:	http://www.digitalalertsystems.com/pdf/130604-monroe-security-pr.pdf	Trust: 2.4
url:	http://www.us-cert.gov/ncas/alerts/ta13-175a	Trust: 1.6
url:	http://www.monroe-electronics.com/eas_pages/r189se_registration.html	Trust: 1.6
url:	http://www.monroe-electronics.com/eas_pages/prod_r189se.html	Trust: 0.8
url:	http://www.digitalalertsystems.com/products_enc-dec.html	Trust: 0.8
url:	http://www.digitalalertsystems.com/pdf/wpdas-122.pdf	Trust: 0.8
url:	http://www.fcc.gov/guides/emergency-alert-system-eas	Trust: 0.8
url:	http://www.ioactive.com/news-events/ioactive_uncovers_vulnerabilities_in_united_states_emergency_alerting_system.html	Trust: 0.8
url:	http://www.ioactive.com/pdfs/ioactive_dasdec_vulnerabilities.pdf	Trust: 0.8
url:	http://blog.ioactive.com/2013/10/strike-two-for-emergency-alerting.html	Trust: 0.8
url:	http://blog.ioactive.com/2013/07/why-vendor-openness-still-matters.html	Trust: 0.8
url:	http://www.commlawblog.com/2013/02/articles/broadcast/fcc-urges-broadcasters-to-secure-eas-equipment/	Trust: 0.8
url:	http://www.broadcastlawblog.com/2013/02/articles/emergency-communications/hackers-use-eas-to-send-alert-of-zombie-attack-fcc-issues-urgent-warning-to-broadcasters-to-secure-their-eas-systems/	Trust: 0.8
url:	http://www.radioworld.com/article/eas-hack-cap-not-the-issue-internet-security-is/217746	Trust: 0.8
url:	http://www.radioworld.com/article/stations-urged-to-protect-their-eas/217746	Trust: 0.8
url:	http://transition.fcc.gov/pshs/techtopics/techtopics21.html	Trust: 0.8
url:	http://www.thebdr.net/articles/fcc/eas/eas.html	Trust: 0.8
url:	http://www.thebdr.net/articles/fcc/eas/eas-q5.pdf	Trust: 0.8
url:	http://cwe.mitre.org/data/definitions/798.html	Trust: 0.8
url:	http://cwe.mitre.org/data/definitions/532.html	Trust: 0.8
url:	http://cwe.mitre.org/data/definitions/341.html	Trust: 0.8
url:	http://cwe.mitre.org/data/definitions/320.html	Trust: 0.8
url:	http://cwe.mitre.org/data/definitions/321.html	Trust: 0.8
url:	http://www.cert.org/downloads/vuls/662676/ssh-key-test.sh	Trust: 0.8
url:	https://raw.github.com/aspiers/ssh-config/master/bin/ssh-list-pubkeys	Trust: 0.8
url:	http://www.wired.com/threatlevel/2013/07/eas-holes/	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4734	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu99235742	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4734	Trust: 0.8
url:	http://www.digitalalertsystems.com/	Trust: 0.3
url:	http://www.monroe-electronics.com/	Trust: 0.3

sources: CERT/CC: VU#662676 // CNVD: CNVD-2013-08664 // BID: 60913 // JVNDB: JVNDB-2013-003172 // CNNVD: CNNVD-201306-519 // NVD: CVE-2013-4734

CREDITS

Mike Davis and Cesar Cerrudo of IOActive

Trust: 0.3

sources: BID: 60913

SOURCES

db:	CERT/CC	id:	VU#662676
db:	CNVD	id:	CNVD-2013-08664
db:	BID	id:	60913
db:	JVNDB	id:	JVNDB-2013-003172
db:	CNNVD	id:	CNNVD-201306-519
db:	NVD	id:	CVE-2013-4734

LAST UPDATE DATE

2025-04-11T22:59:06.997000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#662676	date:	2014-05-07T00:00:00
db:	CNVD	id:	CNVD-2013-08664	date:	2013-07-03T00:00:00
db:	BID	id:	60913	date:	2013-06-26T00:00:00
db:	JVNDB	id:	JVNDB-2013-003172	date:	2013-07-02T00:00:00
db:	CNNVD	id:	CNNVD-201306-519	date:	2021-11-24T00:00:00
db:	NVD	id:	CVE-2013-4734	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#662676	date:	2013-06-26T00:00:00
db:	CNVD	id:	CNVD-2013-08664	date:	2013-07-03T00:00:00
db:	BID	id:	60913	date:	2013-06-26T00:00:00
db:	JVNDB	id:	JVNDB-2013-003172	date:	2013-07-02T00:00:00
db:	CNNVD	id:	CNNVD-201306-519	date:	2013-06-30T00:00:00
db:	NVD	id:	CVE-2013-4734	date:	2013-06-30T19:28:10.923