A critical vulnerability, identified as CVE-2022-43546, has been discovered in devices of the POWER METER SICAM family, specifically the SICAM Q200, SICAM P850, and SICAM P855. All Q200 versions lower than V2.70 and all P850 and P855 versions lower than V3.10 are affected by this issue.

The vulnerability lies in the devices' failure to correctly validate the EndTime parameter in requests sent to the web interface on port 443/tcp. If successfully exploited, an authenticated remote attacker could crash the device (causing it to automatically reboot) or execute arbitrary code on the device.

Code Snippet

The following code snippet demonstrates how an attacker might send a malicious request by manipulating the EndTime parameter:

```
POST /data-export HTTP/1.1
Host: target_IP_address:443
Content-Type: application/json
Authorization: Bearer <Access_Token>

{
    "StartTime": "163598040",
    "EndTime": "<Malicious_EndTime>",
    "Channels": [1,2,3]
}
```

In this example, <Access_Token> should be replaced with a valid access token, and <Malicious_EndTime> would contain the manipulated value intended to exploit the vulnerability.

1. Obtain valid credentials or an access token for the web interface of a vulnerable SICAM device.
2. Craft a malicious request to the /data-export endpoint using the code snippet provided earlier, manipulating the EndTime parameter to exploit the vulnerability.
3. Send the malicious request to the device's IP address on port 443/tcp.

If the exploit is successful, the device may crash and reboot, or the attacker may be able to execute arbitrary code on the device.

- CVE-2022-43546 Advisory

POWER METER SICAM P855 (All versions < V3.10)

To mitigate this vulnerability, users of affected products should apply the firmware updates released by the manufacturer:

- Firmware Update: POWER METER SICAM Q200 V2.70
- Firmware Update: POWER METER SICAM P850 V3.10
- Firmware Update: POWER METER SICAM P855 V3.10

Please note that the above links could be subject to change, and you should refer to the manufacturer's support page for the latest information.
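
To find which installed meters still need one of these updates, the following added example (not from the advisory or the manufacturer) classifies an asset inventory against the fixed versions stated above. The inventory rows, asset names and function names are constructed, and it assumes firmware strings of the form `V<major>.<minor>` whose components compare numerically.

```python
import re

# Fixed-version thresholds taken from the text above:
# Q200 is fixed in V2.70, P850 and P855 in V3.10.
FIXED_IN = {"Q200": (2, 70), "P850": (3, 10), "P855": (3, 10)}

# Assumption: versions look like "V2.70", "v3.10" or "3.10.2".
_VERSION_RE = re.compile(r"^\s*[Vv]?(\d+)\.(\d+)(?:\.\d+)*\s*$")
_MODEL_RE = re.compile(r"\b(Q200|P850|P855)\b", re.IGNORECASE)


def parse_version(text):
    """Return (major, minor) from strings like 'V2.70' or '3.10.2', else None."""
    m = _VERSION_RE.match(text or "")
    return (int(m.group(1)), int(m.group(2))) if m else None


def classify(model, firmware):
    """Return 'affected', 'fixed', or 'unknown' for one inventory row."""
    m = _MODEL_RE.search(model or "")
    version = parse_version(firmware)
    if not m or version is None:
        # Never report an unrecognised row as safe; send it for manual review.
        return "unknown"
    return "affected" if version < FIXED_IN[m.group(1).upper()] else "fixed"


def triage(rows):
    """Group (asset, model, firmware) rows by classification."""
    result = {"affected": [], "fixed": [], "unknown": []}
    for asset, model, firmware in rows:
        result[classify(model, firmware)].append(asset)
    return result


# Constructed sample inventory (asset names and versions are made up).
SAMPLE_INVENTORY = [
    ("sub-a-meter-01", "SICAM Q200", "V2.60"),
    ("sub-a-meter-02", "SICAM Q200", "V2.70"),
    ("sub-b-meter-01", "POWER METER SICAM P850", "v3.00"),
    ("sub-b-meter-02", "SICAM P855", "3.10.2"),
    ("sub-c-meter-01", "SICAM P855", "unknown"),
    ("sub-c-meter-02", "OTHER-METER", "V2.10"),
]

if __name__ == "__main__":
    for status, assets in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(assets) or '-'}")
```

Rows reported as `unknown` (unreadable version or a model not listed here) need a manual check rather than being treated as patched.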

In summary, CVE-2022-43546 is a critical vulnerability affecting multiple POWER METER SICAM devices. Failure to validate the EndTime parameter in web requests can result in a device crash or remote code execution. Users should apply the necessary firmware updates to secure their devices against this threat.

Timeline

Published on: 11/08/2022 11:15:00 UTC
Last modified on: 06/13/2023 09:15:00 UTC