SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-892549684] American Auto-Matrix Front-End Solutions Vulnerabilities

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2016-09-29OTHERAmerican Auto-Matrix Building Automation Front-End Solutions appMaxim RuppN/A2016-2307, 2016-2308N/AN/AN/A

Source

						
							
								
#
# American Auto-Matrix Front-End Solutions Vulnerabilities
#


### OVERVIEW

Independent researcher Maxim Rupp has identified a local file inclusion and a plain text storage of password vulnerabilities in American Auto-Matrix's Building Automation Front-End Solutions application. The Aspect-Matrix hardware platform was made end of life in 2015 and will no longer receive further updates. American Auto-Matrix has produced an update that fixes these vulnerabilities in the Aspect-Nexus platform.

These vulnerabilities could be exploited remotely.




### AFFECTED PRODUCTS

The following Building Automation Front-End Solutions versions are affected:

* Aspect-Nexus Building Automation Front-End Solutions application versions prior to 3.0.0
* Aspect-Matrix Building Automation Front-End Solutions application all versions.






### IMPACT

User logins and passwords presented in plain text provide an attacker authenticated credentials to all aspects of the system.

Impact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation.






### BACKGROUND

American Auto-Matrix is a US-based company.

The affected product, Building Automation Front-End Solutions application, is a building automation integration device. According to American Auto-Matrix, Building Automation Front-End Solutions application is deployed across several sectors including Commercial Facilities, Critical Manufacturing, Energy, Water and Wastewater systems, and others. American Auto-Matrix estimates that this product is used primarily in the United States.





### VULNERABILITY CHARACTERIZATION


# VULNERABILITY OVERVIEW


LOCAL FILE INCLUSION

Without authorization, the attacker can read files on the host, including the configuration file.
CVE-2016-2307 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).



PLAINTEXT STORAGE OF A PASSWORD

In a file that is accessible without authentication, passwords are presented in plain text.
CVE-2016-2308 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L).






### VULNERABILITY DETAILS


# EXPLOITABILITY

These vulnerabilities could be exploited remotely.


# EXISTENCE OF EXPLOIT

No known public exploits specifically target these vulnerabilities.


# DIFFICULTY

An attacker with a low skill would be able to exploit these vulnerabilities.





### MITIGATION

American Auto-Matrix recommends the following steps:

Download the zip file located at Dealer Toolbox (http://www.aamatrix.com/aspect-new-features) under Product Support > Software Updates. 

Then:
* Unzip the attached file
* Install the .aam file through the WebUI under [System Administration > System Updates]

Users will then need to reboot the unit in order complete the upgrade process.