Home / Early Warning / Ics Advisories / SITEL CAP/PRX hardcoded credentials

SITEL CAP/PRX hardcoded credentials

Publication date: 
05/13/2021
Importance: 
5 - Crítica
Affected resources: 

CAP/PRX, firmware version 5.2.01.

Description: 

INCIBE has coordinated the publication of a vulnerability in the SITEL CAP/PRX device, with the internal code INCIBE-2021-0179, which has been discovered by the Industrial Cybersecurity team of S21sec, special mention to Aarón Flecha Menéndez and Luis Martín Liras, as an independent researcher.

CVE-2021-32454 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.6 has been calculated; the CVSS vector string is AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.

Solution: 

The fix for this vulnerability is available as of version 1.2 of the CAP-PRX-NG platform.

Detail: 

The CAP/PRX remote from SITEL, uses a hardcoded password. An attacker with access to the device, could modify these credentials, leaving the administrators of the device without access.

This vulnerability has been corrected in the affected products through SITEL's continuous improvement processes.

CWE-798: Use of Hard-coded Credentials.

Timeline:

11/08/2017 - Researchers disclosure.
02/10/2020 - Researchers contact with INCIBE.
08/02/2021 - SITEL confirms the vulnerability to INCIBE and the publication of the corrective version and the new software version (security patch).
13/05/2021 - INCIBE publishes the advisory.

If you have any information regarding this advisory, please contact INCIBE as indicated in the CVE Assignment and publication section.

Encuesta valoración