CVE-2022-36642
Published: 02 September 2022
Summary
CVE-2022-36642 is a critical-severity Missing Authorization (CWE-862) vulnerability in Telosalliance Omnia Mpx Node Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 1.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
A local file disclosure vulnerability exists in the Telos Alliance Omnia MPX Node firmware through versions 1.0.0-1.4.9. The flaw resides in the /appConfig/userDB.json endpoint and stems from cleartext storage of sensitive information combined with missing authorization checks (CWE-862). Unauthenticated remote attackers can retrieve the file and obtain administrative credentials for the device's control panel.
An attacker requires only network access to the affected device and can exploit the issue without authentication or user interaction. Successful exploitation grants the ability to read stored user credentials, enabling initial access with high privileges to the management interface and full control over the audio-processing node.
Public references include detailed proof-of-concept write-ups, firmware analysis notes, and an Exploit-DB entry demonstrating the file disclosure and subsequent authentication bypass. No vendor advisory or patch information is referenced in the available sources.
The CVE carries a CVSS score of 9.8 and an EPSS score that has reached a peak of 0.7467, indicating substantial exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-39345
Vulnerability details
A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access users credentials which makes him able to gain initial access to the control panel with high privilege because the cleartext storage…
more
of sensitive information which can be unlatched by exploiting the LFD vulnerability.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Requiring an access control policy ensures authorization checks are defined and applied for critical functions.
Reviews of access controls detect missing authorization checks on critical functions or resources.
Documenting permitted unauthenticated actions prevents missing authorization by making all exceptions explicit and subject to organizational review.
Requiring attribute association with information prevents authorization from being performed without necessary security or privacy context.
Mandating authorization prior to allowing remote connections addresses missing authorization for remote access.
Mandating authorization before wireless connections are allowed prevents missing authorization for wireless access.
The control requires authorization before allowing mobile device connections, directly mitigating missing authorization for system access.
Requiring approvals for account creation and specifying authorizations ensures authorization is not missing for system access.