A critical vulnerability has been identified in Power Distribution Units running on Powertek firmware before version 3.30.30. The vulnerability exposes active session IDs of logged-in administrators, potentially leading to unauthorized access and sensitive data disclosure.
Understanding CVE-2022-33175
This CVE affects Power Distribution Units using vulnerable Powertek firmware, allowing unauthorized access to administrative session IDs.
What is CVE-2022-33175?
CVE-2022-33175 refers to an insecure permissions setting in Power Distribution Units running on Powertek firmware versions prior to 3.30.30. This flaw exposes active session IDs, enabling threat actors to impersonate administrators and access sensitive information.
The Impact of CVE-2022-33175
The vulnerability has a CVSS base score of 9.8, categorizing it as critical. Threat actors can exploit this flaw to obtain cleartext passwords, reconfigure devices, and compromise the confidentiality, integrity, and availability of the affected systems.
Technical Details of CVE-2022-33175
Below are the technical details of the CVE:
Vulnerability Description
The user.token field in affected Power Distribution Units has an insecure permissions setting that exposes the active session IDs of logged-in administrators. Anyone who obtains such a session ID can use it to gain administrative access.
Affected Systems and Versions
Power Distribution Units using Powertek firmware versions before 3.30.30 are affected by this vulnerability.
Exploitation Mechanism
Threat actors can exploit this vulnerability by accessing the /cgi/get_param.cgi HTTP API, which exposes the user.token field and active session IDs.
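For defenders, the added example below (not part of the original advisory or vendor material) scans web or proxy access logs for reads of the user.token field through /cgi/get_param.cgi. The log format, the sample lines, the query-string layout, the outlet.status parameter, and the admin_hosts allowlist are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Constructed access-log lines from a hypothetical reverse proxy in front of
# the PDU management interface. The query-string layout is an assumption.
SAMPLE_LOG = """\
10.0.5.20 - - [12/Jul/2022:09:14:02 +0000] "GET /index.html HTTP/1.1" 200 5120
10.0.5.20 - - [12/Jul/2022:09:14:05 +0000] "GET /cgi/get_param.cgi?outlet.status HTTP/1.1" 200 212
198.51.100.7 - - [12/Jul/2022:09:20:41 +0000] "GET /cgi/get_param.cgi?user.token HTTP/1.1" 200 96
198.51.100.7 - - [12/Jul/2022:09:20:44 +0000] "GET /cgi/get_param.cgi?user%2Etoken HTTP/1.1" 200 96
203.0.113.9 - - [12/Jul/2022:09:31:10 +0000] "GET /cgi/get_param.cgi?user.token HTTP/1.1" 403 0
"""

LINE_RE = re.compile(
    r'(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
API_PATH = "/cgi/get_param.cgi"  # endpoint named in the advisory
FIELD = "user.token"             # field named in the advisory


def find_token_reads(log_text, admin_hosts=frozenset()):
    """Return one finding per logged request that asked the API for user.token."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        url = urlsplit(m["target"])
        # Percent-decode first so "user%2Etoken" is caught as well.
        query = unquote(url.query).lower()
        if unquote(url.path).lower() != API_PATH or FIELD not in query:
            continue
        findings.append({
            "src": m["src"],
            "time": m["ts"],
            # A 2xx status means the device answered the request.
            "token_returned": m["status"].startswith("2"),
            "known_admin_host": m["src"] in admin_hosts,
        })
    return findings


if __name__ == "__main__":
    for f in find_token_reads(SAMPLE_LOG, admin_hosts={"10.0.5.20"}):
        print(f)
```

Requests that carry the field name in a POST body do not appear in access logs, so this check only covers the URL.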
Mitigation and Prevention
To mitigate the risks associated with CVE-2022-33175, follow these security recommendations:
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates