Paxton Net2 Information Disclosure / Incorrect Access Control

2024.12.11
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

CloudAware Security Advisory [CVE pending]: Potential PII leak and incorrect access control in Paxton Net2 software ======================================================================== Summary ======================================================================== Insecure backend database in the Paxton Net2 software. Possible leaking of PII incorrect access control. No physical access to computer running Paxton Net2 is required. ======================================================================== Product ======================================================================== * Paxton Net2  (all current versions) ======================================================================== Detailed description ======================================================================== By exploiting MSSQL single usermode it is possible to gain administrator rights to the Net2 database. In this database plaintext PIN codes for building entrance can be found and changed. It is also possible to add users to the system and enable/disable users in the system. By reading tables in the MSSQL table PII is leaked. In order to gain access local access to the computer running Net2 is necessary, but this can also be over a network using e.g. Anydesk which makes physical access not necessary. The vendor has not acknowledged the vulnerability after contact. There is no fix planned. ======================================================================== Solution ======================================================================== As the vendor has not acknowledged the vulnerability there is no effective remediation for this vulnerability. The most effective measure at this moment is closely monitoring who has local access to the machine running the Net2 software. ======================================================================== Mitigation ======================================================================== There is no known effective mitigation. Limiting who has local access to the machine running the Net2 software seems the most effective measure. ======================================================================== Weblinks ======================================================================== It has been decided not to release the exploit code yet as there is no mitigration possible. Discoverers are willing to share exploit code at request to help with mitigration. ======================================================================== Discoverers ======================================================================== Jeroen Hermans, CloudAware j.hermans[at]cloudaware[dot]eu Emiel van Berlo, Danego emiel[at]danego[dot]nl ======================================================================== History ======================================================================== Nov 12 2024: Requested latest Net2 software from Paxton Nov 26, 2024: Obtained latest Net2 software for other source Nov 26, 2024: Informed Paxton about vulnerability Nov 27, 2024: Release of exploit code Dec 2, 2024: Refused CVE reservation by Paxton & request of CVE reservation directly at Mitre


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top