or embedded web view in web application. The vulnerability can be exploited by remote attackers without privilege to access the network to inject own malicious code, causing a double redirect of the victim to a different malicious site. The large number of devices with the vulnerable version installed makes this issue a major risk. The issue is present in all PXM products, but the majority of devices are PXM30x products. DESIGO has issued a security update for the PXM30x products. The upgrade for PXM40x, PXM50x and PXM60x products will be released in the next months. The upgrade is offered to maintainers and customers at DESIGO service center. DESIGO has already released security updates for the PXM40x, PXM50x and PXM60x products. The upgrade for PXM30x products will be released in the next months. The upgrade is offered to maintainers and customers at DESIGO service center. The following products are affected: - PXM30x - PXM40x - PXM50x - PXM60x DESIGO recommends all PXM30x, PXM40x and PXM50x customers to upgrade their system to a latest version as soon as possible. DESIGO has also provided details of the issue and update procedure at the end of this advisory.
PXM Product Overview
The following products are affected: - PXM30x - PXM40x - PXM50x - PXM60x
DESIGO recommends all PXM30x, PXM40x and PXM50x customers to upgrade their system to a latest version as soon as possible.
DESIGO has also provided details of the issue and update procedure at the end of this advisory.
Summary
The vulnerability CVE-2022-40181 (also known as the embedded web view in web application) allows attackers to inject own malicious code into a vulnerable PXM product. The issue is present in all PXM products, but the majority of devices are PXM30x products. DESIGO has issued a security update for the PXM30x and will release a fix for the other affected products in next months. The upgrade for PXM40x, PXM50x and PXM60x products will be released in the next months. The upgrade is offered to maintainers and customers at DESIGO service center.
DESIGO has already released security updates for the PXM40x, PXM50x and PXM60x products. We recommend all PXM30x, PXM40x and PXM50x customers to upgrade their system to a latest version as soon as possible
PXM 30x products
DESIGO is aware of a security issue in PXM 30x products. The vulnerability can be exploited by remote attackers without privilege to access the network to inject own malicious code, causing a double redirect of the victim to a different malicious site. The large number of devices with the vulnerable version installed makes this issue a major risk.
Description of the issue
The vulnerability allows an attacker to redirect a victim's browser to a malicious site. The issue is due to the way the web application handles URLs.
The vulnerability resides in the following code:
WebViewConfiguration.java
public void setUrl(String requestURL) {
if (requestURL != null && requestURL != "") {
try { WebView webView = mWebView.get(); WebSettings settings = webView.getSettings(); StringBuffer responseText = new StringBuffer(""); try { // initializes url string with current context path and filename String uriString = getContextPath().toUpperCase().replaceAll("/", ""); // set the full URL as requested by user in UrlBar without http or https prefixes, but with https:// at the beginning of it (required for server-side SSL certificates) if (!isProtected() || !isProtectionEnabled()) { uriString = uriString + "https://" + settings.getValue(WebSettingsManager.SECURE_PROXY_SSL_PROVIDER, null); } else { uriString = uriString + "http://" + settings.getValue(WebSettingsManager.SECURE_PROXY_SSL_PROVIDER, null); } // create a new instance of HttpClient and call execute method with URL and HTTP request headers, options and response text response
How to check if your device is affected
In order to determine if your device is affected by CVE-2022-40181, do the following:
1. Open a browser and go to https://demo.putty.io/demo2
2. Enter the IP address of your PXM product in the address bar with port 80 (http://192.168.1.3:80)
3. The interesting thing is if you see a "Welcome" page, then your device is affected by this vulnerability and should be upgraded immediately! If on the other hand, you don't see anything after entering your IP address and port number, then your device is not affected according to our research.
Timeline
Published on: 10/11/2022 11:15:00 UTC
Last modified on: 10/12/2022 15:46:00 UTC