Sign-up

ID

VAR-201601-0430


CVE

CVE-2015-8362


TITLE

Harman AMX multimedia devices contain hard-coded credentials

Trust: 0.8

sources: CERT/CC: VU#992624

DESCRIPTION

The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2016-1984. Multiple models of Harman AMX multimedia devices contain a hard-coded debug account. plural Harman AMX There is an issue with the product where the account for debugging is hard coded. Problems with hard-coded credentials (CWE-798) - CVE-2015-8362 According to the discoverer's blog post, AMX Multiple models in the series have hardcoded administrative rights accounts (" back door ") Exists. Check the vulnerability advisory for discoverers for more information. AMX The release notes for stated that this was a debugging account. CWE-798: Use of Hard-coded Credentials http://cwe.mitre.org/data/definitions/798.html Blog post http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html Vulnerability advisory https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt AMX Release notes http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20FilesAn attacker who knows the authentication information may gain access to the device with administrator privileges. HarmanAMX is a series of conversion controller products from Harman Corporation of the United States. A security vulnerability exists in the \342\200\230setUpSubtleUserAccount\342\200\231 function in /bin/bwURI prior to HarmanAMX 2015-10-12, which was derived from a hard-coded password on a BlackWidow account. Multiple AMX Products are prone to a security-bypass vulnerability

Trust: 3.24

sources: NVD: CVE-2015-8362 // CERT/CC: VU#992624 // JVNDB: JVNDB-2016-001312 // CNVD: CNVD-2016-00786 // BID: 81545 // VULHUB: VHN-86323

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-00786

AFFECTED PRODUCTS

vendor:harmanmodel:amxscope:eqversion:1.3.100

Trust: 1.6

vendor:harmanmodel:amxscope:eqversion:1.2.322

Trust: 1.6

vendor:harmanmodel: - scope: - version: -

Trust: 0.8

vendor:harmanmodel:amxscope:eqversion:nx-1200 firmware v1.2.322

Trust: 0.8

vendor:harmanmodel:amxscope:eqversion:nx-1200 firmware v1.3.100

Trust: 0.8

vendor:harmanmodel:amxscope:ltversion:2015-10-12

Trust: 0.6

vendor:harmanmodel:amxscope:ltversion:2016-01-20

Trust: 0.6

sources: CERT/CC: VU#992624 // CNVD: CNVD-2016-00786 // JVNDB: JVNDB-2016-001312 // CNNVD: CNNVD-201601-603 // NVD: CVE-2015-8362

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2015-8362
value: HIGH

Trust: 1.6

nvd@nist.gov: CVE-2015-8362
value: CRITICAL

Trust: 1.0

CNVD: CNVD-2016-00786
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201601-603
value: CRITICAL

Trust: 0.6

VULHUB: VHN-86323
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-8362
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

NVD: CVE-2015-8362
severity: HIGH
baseScore: 10.0
vectorString: NONE
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2016-00786
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-86323
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-8362
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: CERT/CC: VU#992624 // CNVD: CNVD-2016-00786 // VULHUB: VHN-86323 // JVNDB: JVNDB-2016-001312 // CNNVD: CNNVD-201601-603 // NVD: CVE-2015-8362

PROBLEMTYPE DATA

problemtype:CWE-255

Trust: 1.9

problemtype:CWE-Other

Trust: 0.8

sources: VULHUB: VHN-86323 // JVNDB: JVNDB-2016-001312 // NVD: CVE-2015-8362

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201601-603

TYPE

trust management

Trust: 0.6

sources: CNNVD: CNNVD-201601-603

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-001312

EXPLOIT AVAILABILITY
sources:
            
            
            CERT/CC: VU#992624

PATCH
title:NetLinx Controller Security Briefurl:http://www.amx.com/techcenter/NXSecurityBrief/
Trust: 0.8
title:Firmware Files - Hot Fix Filesurl:http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files
Trust: 0.8
title:HarmanAMX has an unspecified vulnerability (CNVD-2016-00786) patchurl:https://www.cnvd.org.cn/patchInfo/show/71076
Trust: 0.6
title:Harman AMX Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59921
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-00786 // 
            
            
            
            JVNDB: JVNDB-2016-001312 // 
            
            
            
            CNNVD: CNNVD-201601-603

EXTERNAL IDS
db:CERT/CCid:VU#992624
Trust: 3.6
db:NVDid:CVE-2015-8362
Trust: 3.4
db:ICS CERTid:ICSA-16-049-02
Trust: 2.2
db:BIDid:81545
Trust: 1.4
db:JVNid:JVNVU99819594
Trust: 0.8
db:JVNDBid:JVNDB-2016-001312
Trust: 0.8
db:CNNVDid:CNNVD-201601-603
Trust: 0.7
db:CNVDid:CNVD-2016-00786
Trust: 0.6
db:VULHUBid:VHN-86323
Trust: 0.1
sources:
            
            
            CERT/CC: VU#992624 // 
            
            
            
            CNVD: CNVD-2016-00786 // 
            
            
            
            VULHUB: VHN-86323 // 
            
            
            
            BID: 81545 // 
            
            
            
            JVNDB: JVNDB-2016-001312 // 
            
            
            
            CNNVD: CNNVD-201601-603 // 
            
            
            
            NVD: CVE-2015-8362

REFERENCES
url:http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html
Trust: 3.6
url:https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_amx_deliberately_hidden_backdoor_account_v10.txt
Trust: 3.3
url:http://www.amx.com/techcenter/nxsecuritybrief/
Trust: 3.1
url:http://seclists.org/fulldisclosure/2016/jan/63
Trust: 2.8
url:https://www.kb.cert.org/vuls/id/992624
Trust: 2.8
url:http://www.amx.com/techcenter/firmware.asp?category=hot%20fix%20files
Trust: 2.5
url:https://ics-cert.us-cert.gov/advisories/icsa-16-049-02
Trust: 2.2
url:http://www.securityfocus.com/bid/81545
Trust: 1.1
url:http://www.securityfocus.com/archive/1/537343/100/0/threaded
Trust: 1.1
url:http://www.amx.com/assets/whitepapers/amx.avit.administrators.guide.pdf
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8362
Trust: 0.8
url:http://jvn.jp/vu/jvnvu99819594/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8362
Trust: 0.8
url:http://www.amx.com/
Trust: 0.3
sources:
            
            
            CERT/CC: VU#992624 // 
            
            
            
            CNVD: CNVD-2016-00786 // 
            
            
            
            VULHUB: VHN-86323 // 
            
            
            
            BID: 81545 // 
            
            
            
            JVNDB: JVNDB-2016-001312 // 
            
            
            
            CNNVD: CNNVD-201601-603 // 
            
            
            
            NVD: CVE-2015-8362

CREDITS
Matthias Klinski, Manuel Hofer (Office Vienna) SEC Consult Vulnerability Lab
Trust: 0.3
sources:
            
            
            BID: 81545

SOURCES
db:CERT/CCid:VU#992624
db:CNVDid:CNVD-2016-00786
db:VULHUBid:VHN-86323
db:BIDid:81545
db:JVNDBid:JVNDB-2016-001312
db:CNNVDid:CNNVD-201601-603
db:NVDid:CVE-2015-8362

LAST UPDATE DATE
2025-04-13T23:14:23.111000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#992624date:2016-01-27T00:00:00
db:CNVDid:CNVD-2016-00786date:2016-02-03T00:00:00
db:VULHUBid:VHN-86323date:2018-10-09T00:00:00
db:BIDid:81545date:2016-07-05T21:27:00
db:JVNDBid:JVNDB-2016-001312date:2016-02-22T00:00:00
db:CNNVDid:CNNVD-201601-603date:2016-01-25T00:00:00
db:NVDid:CVE-2015-8362date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CERT/CCid:VU#992624date:2016-01-21T00:00:00
db:CNVDid:CNVD-2016-00786date:2016-01-29T00:00:00
db:VULHUBid:VHN-86323date:2016-01-22T00:00:00
db:BIDid:81545date:2016-01-21T00:00:00
db:JVNDBid:JVNDB-2016-001312date:2016-01-26T00:00:00
db:CNNVDid:CNNVD-201601-603date:2016-01-25T00:00:00
db:NVDid:CVE-2015-8362date:2016-01-22T11:59:03.850