CVE-2019-19228

Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
froniusdatamanager_box_2.0_firmware
𝑥
< 3.14.1
froniuseco_25.0-3-s_firmware
𝑥
< 3.14.1
froniuseco_27.0-3-s_firmware
𝑥
< 3.14.1
froniusgalvo_1.5-1_firmware
𝑥
< 3.14.1
froniusgalvo_1.5-1_208-240_firmware
𝑥
< 3.14.1
froniusgalvo_2.0-1_firmware
𝑥
< 3.14.1
froniusgalvo_2.0-1_208-240_firmware
𝑥
< 3.14.1
froniusgalvo_2.5-1_firmware
𝑥
< 3.14.1
froniusgalvo_2.5-1_208-240_firmware
𝑥
< 3.14.1
froniusgalvo_3.0-1_firmware
𝑥
< 3.14.1
froniusgalvo_3.1-1_firmware
𝑥
< 3.14.1
froniusgalvo_3.1-1_208-240_firmware
𝑥
< 3.14.1
froniusprimo_10.0-1_208-240_firmware
𝑥
< 3.14.1
froniusprimo_11.4-1_208-240_firmware
𝑥
< 3.14.1
froniusprimo_12.5-1_208-240_firmware
𝑥
< 3.14.1
froniusprimo_15.0-1_208-240_firmware
𝑥
< 3.14.1
froniusprimo_3.0-1_firmware
𝑥
< 3.14.1
froniusprimo_3.5-1_firmware
𝑥
< 3.14.1
froniusprimo_3.6-1_firmware
𝑥
< 3.14.1
froniusprimo_3.8-1_208-240_firmware
𝑥
< 3.14.1
froniusprimo_4.0-1_firmware
𝑥
< 3.14.1
froniusprimo_4.6-1_firmware
𝑥
< 3.14.1
froniusprimo_5.0-1_firmware
𝑥
< 3.14.1
froniusprimo_5.0-1_208-240_firmware
𝑥
< 3.14.1
froniusprimo_5.0-1_aus_firmware
𝑥
< 3.14.1
froniusprimo_5.0-1_sc_firmware
𝑥
< 3.14.1
froniusprimo_6.0-1_firmware
𝑥
< 3.14.1
froniusprimo_6.0-1_208-240_firmware
𝑥
< 3.14.1
froniusprimo_7.6-1_208-240_firmware
𝑥
< 3.14.1
froniusprimo_8.2-1_firmware
𝑥
< 3.14.1
froniusprimo_8.2-1_208-240_firmware
𝑥
< 3.14.1
froniussymo_10.0-3-m_firmware
𝑥
< 3.14.1
froniussymo_10.0-3-m-os_firmware
𝑥
< 3.14.1
froniussymo_10.0-3_208-240_firmware
𝑥
< 3.14.1
froniussymo_10.0-3_480_firmware
𝑥
< 3.14.1
froniussymo_12.0-3_208-240_firmware
𝑥
< 3.14.1
froniussymo_12.5-3-m_firmware
𝑥
< 3.14.1
froniussymo_12.5-3_480_firmware
𝑥
< 3.14.1
froniussymo_15.0-3-m_firmware
𝑥
< 3.14.1
froniussymo_15.0-3_107_firmware
𝑥
< 3.14.1
froniussymo_15.0-3_480_firmware
𝑥
< 3.14.1
froniussymo_17.5-3-m_firmware
𝑥
< 3.14.1
froniussymo_17.5-3_480_firmware
𝑥
< 3.14.1
froniussymo_20.0-3-m_firmware
𝑥
< 3.14.1
froniussymo_20.0-3_480_firmware
𝑥
< 3.14.1
froniussymo_22.7-3_480_firmware
𝑥
< 3.14.1
froniussymo_24.0-3_480_firmware
𝑥
< 3.14.1
froniussymo_3.0-3-m_firmware
𝑥
< 3.14.1
froniussymo_3.0-3-s_firmware
𝑥
< 3.14.1
froniussymo_3.7-3-m_firmware
𝑥
< 3.14.1
froniussymo_3.7-3-s_firmware
𝑥
< 3.14.1
froniussymo_4.5-3-m_firmware
𝑥
< 3.14.1
froniussymo_4.5-3-s_firmware
𝑥
< 3.14.1
froniussymo_5.0-3-m_firmware
𝑥
< 3.14.1
froniussymo_6.0-3-m_firmware
𝑥
< 3.14.1
froniussymo_7.0-3-m_firmware
𝑥
< 3.14.1
froniussymo_8.2-3-m_firmware
𝑥
< 3.14.1
froniussymo_advanced_10.0-3_208-240_firmware
𝑥
< 3.14.1
froniussymo_advanced_12.0-3_208-240_firmware
𝑥
< 3.14.1
froniussymo_advanced_15.0-3_480_firmware
𝑥
< 3.14.1
froniussymo_advanced_20.0-3_480_firmware
𝑥
< 3.14.1
froniussymo_advanced_22.7-3_480_firmware
𝑥
< 3.14.1
froniussymo_advanced_24.0-3_480_firmware
𝑥
< 3.14.1
froniussymo_hybrid_3.0-3-m_firmware
𝑥
< 3.14.1
froniussymo_hybrid_4.0-3-m_firmware
𝑥
< 3.14.1
froniussymo_hybrid_5.0-3-m_firmware
𝑥
< 3.14.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/155562/Fronius-Solar-Inverter-Series-Insecure-Communication-Path-Traversal.html
https://sec-consult.com/en/blog/advisories/multiple-vulnerabilites-in-fronius-solar-inverter-series-cve-2019-19229-cve-2019-19228/
https://seclists.org/bugtraq/2019/Dec/5
http://packetstormsecurity.com/files/155562/Fronius-Solar-Inverter-Series-Insecure-Communication-Path-Traversal.html
https://sec-consult.com/en/blog/advisories/multiple-vulnerabilites-in-fronius-solar-inverter-series-cve-2019-19229-cve-2019-19228/
https://seclists.org/bugtraq/2019/Dec/5