CVE-2021-37292
published 2022-04-11CVE-2021-37292: An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 due to an undocumented backdoor account. A malicious…
PriorityP352high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EXPLOIT
EPSS
6.72%
93.1th percentile
An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 due to an undocumented backdoor account. A malicious user can log in using the backdor account with admin highest privileges and obtain system control.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kevinlab | 4st_l-bems | — | — |
CVSS provenance
nvdv3.17.2HIGHCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
KevinLAB BEMS (Building Energy Management System) - Backdoor Account
nuclei·CVSS 7.2
CVE-2021-37292 [HIGH] KevinLAB BEMS (Building Energy Management System) - Backdoor Account
KevinLAB BEMS (Building Energy Management System) - Backdoor Account
KevinLAB BEMS has an undocumented backdoor account, and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution through the RMI. An attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel, and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the BEMS is offering remotely.
Template:
id: CVE-2021-37292
info:
name: KevinLAB BEMS (Building Energy Management System) - Backdoor Account
author: gy741
severity: high
descripti
No writeups or analysis indexed.
2022-04-11
Published