Multiple Unpatched vulnerabilities has been discovered in wireless sensor networks

NIO 50 provided by NEXCOM contains multiple vulnerabilities (All Versions).

Wednesday, 4 November 2020, 09:26 GMT

The NIO 50 given by NEXCOM is a portal for industrial systems for wireless sensor networks. The product includes several bugs as follows:

A) Validation of the Input Kludge (CWE-20) —CVE-2020-25151511
CVSS v3 CVSS: 3.1 / AV: N / AC: L / PR: N / UI: N / S: U / C: N / I: N / A: L Base value: 5.3 / A: L Base value: 5.3

B) Sending a direct text of essential details (CWE-319) —CVE-2020-2515555
CVSS v3 CVSS: 3.1 / AV: A / AC: L / PR: N / UI: N / S: U / C: L / I: N / A: N Base Value: 4.3 N / A: N Base Value: 4.3

Image sources: eworldme.com/Nexcom_NIO_50_Industrial_IWSN_Gateway

The anticipated effect depends on each weakness, but as follows, it can be impacted.

Denial of Service (DoS) Third Party Remote Attack-CVE-2020-25151
Critical information stolen on an adjacent network from a third party —CVE-2020-251555.

Note: The countermeasures are uncertain as of November 4 , 2020. The software is no longer available for sale or support, according to the developers.

Special Offer: