Researchers have recently discovered a critical vulnerability in the POWER METER SICAM Q200 family (all versions < V2.70), SICAM P850, and SICAM P855 devices (all versions < V3.10). The affected devices do not properly validate the RecordType parameter in requests to the web interface on port 443/tcp. Due to this flaw, an authenticated remote attacker could potentially crash the device (followed by an automatic reboot) or execute arbitrary code on it.

Code Snippet

To understand the vulnerability in question, consider the following illustrative code snippet, which demonstrates the improper validation of the RecordType parameter in affected devices:

function processRequest(requestType, recordType, data) {
  // Improper validation of the RecordType parameter: a bare numeric range
  // check accepts every value from 0 to 65535, including values the firmware
  // has no handler for, and performs no type check on the input
  if (recordType >= 0 && recordType <= 65535) {
    // Process the request with the recordType and data provided by the user
    return handleRecord(recordType, data);
  } else {
    // Invalid RecordType
    return new Error("Invalid RecordType");
  }
}

// Placeholder for the device's record handler (not part of the original
// snippet; it stands in for the firmware code that consumes the parameter)
function handleRecord(recordType, data) {
  return { recordType: recordType, data: data };
}

// An attacker can exploit the vulnerability by sending a malicious request
var maliciousRequest = {
  requestType: "POST",
  recordType: 65535, // The maximum possible value, causing potential issues
  data: "malicious payload",
};

processRequest(maliciousRequest.requestType, maliciousRequest.recordType, maliciousRequest.data);
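
The snippet above shows why a numeric range check alone is not validation. As an added example (not code from the original post or from the vendor's firmware), the following contrasts that lax check with a strict allow-list parser for a RecordType parameter as it arrives from a web interface, i.e. as a string. The record-type IDs and names in KNOWN_RECORD_TYPES are constructed for illustration and are not the real SICAM record types.

```javascript
// Constructed table of record types the handler actually knows how to serve.
const KNOWN_RECORD_TYPES = new Map([
  [1, "measurements"],
  [2, "events"],
  [3, "diagnostics"],
]);

// The lax check from the snippet above, reproduced for comparison: it only
// asks "does this compare as a number between 0 and 65535?", so it accepts
// values the firmware has no handler for and, because JavaScript coerces
// operands of >= and <=, also accepts strings such as "1e3" and even null.
function laxRecordTypeCheck(recordType) {
  return recordType >= 0 && recordType <= 65535;
}

// Strict parse: the raw parameter must be a plain decimal integer string
// (no sign, whitespace, exponent or fraction) and must map to a handler.
function parseRecordType(raw) {
  if (typeof raw !== "string" || !/^(0|[1-9][0-9]{0,4})$/.test(raw)) {
    return { ok: false, reason: "malformed RecordType" };
  }
  const id = Number(raw);
  if (!KNOWN_RECORD_TYPES.has(id)) {
    return { ok: false, reason: "unknown RecordType " + id };
  }
  return { ok: true, id: id, name: KNOWN_RECORD_TYPES.get(id) };
}

// Request handling: reject before any record-specific code path runs, and
// pass the validated id to the handler rather than the raw parameter.
function handleRequest(query) {
  const parsed = parseRecordType(query.RecordType);
  if (!parsed.ok) {
    return { status: 400, body: parsed.reason };
  }
  return { status: 200, body: "dispatched to " + parsed.name + " handler" };
}
```

A value such as 65535 passes laxRecordTypeCheck but is rejected by parseRecordType because no handler is registered for it, which is the property a device-side check needs.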

Exploit Details

To exploit this vulnerability, an attacker must first authenticate to the targeted device. Once authenticated, the attacker can send a crafted request to the device's web interface on port 443/tcp. By setting the RecordType parameter to an improper value (such as the maximum value of 65535 demonstrated in the code snippet above), the attacker would trigger a crash or execute arbitrary code on the device.

Original References

- Official CVE details: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43545
- Security Advisory by the Vendor: https://example-vendor-website.com/security-advisory-CVE-2022-43545
- Research Paper with Technical Details: https://example-research-paper.com/CVE-2022-43545-analysis.pdf

Recommendations

Users of the affected POWER METER SICAM Q200, P850, and P855 devices should update their firmware immediately to the latest version as per the vendor's instructions. Additionally, it is good practice to limit access to the web interface of these devices to trusted networks and users.

Conclusion

The CVE-2022-43545 vulnerability is a critical flaw for affected POWER METER SICAM devices and must be taken seriously. Users should take immediate action to update their firmware and ensure adequate security measures are in place to prevent unauthorized access to their devices.

Timeline

Published on: 11/08/2022 11:15:00 UTC
Last modified on: 06/13/2023 09:15:00 UTC