Skip to main content

MesaLabs AmegaView Vulnerabilities

Multiple vulnerabilities in AmegaView continuous monitoring systems
Threat ID:
CC-3884
Threat Severity:
Low
Published:
9 June 2021 3:21 PM
Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Affected platforms

The following platforms are known to be affected:
  • AmegaView Versions: 3.0 and earlier

Threat details

Introduction

MesaLabs has released details of five vulnerabilities affecting their AmegaView continuous monitoring systems. They claim that an unauthorised user with access to a vulnerable system may allow remote code execution or allow access to the device.

Vulnerabilities

The vulnerabilities appear to be the result of improper neutralisation of commands, and insecure authentication and file permissions.

  • CVE-2021-27447 – Vulnerability due to improper neutralisation of special elements used in a command, which could allow an attacker to execute arbitrary code.
  • CVE-2021-27449 – Vulnerability due to improper neutralisation of special elements used in a command, which could allow an attacker to execute commands in the web server.
  • CVE-2021-27445 – Insecure file permissions which could be exploited to elevate privileges on the device.
  • CVE-2021-27451 – Improper authentication due to passcodes being generated by an easily reversible algorithm, which could allow an attacker to gain access to the device.
  • CVE-2021-27453 – Authentication bypass issue that could allow an attacker to gain access to the web application.

Remediation advice

MesaLabs has scheduled AmegaView for end-of-life at the end of 2021 and as a result are not expecting to address these vulnerabilities. Affected organisations are encouraged to contact their relevant suppliers and consider the following alternative mitigation steps:

  • Ensure affected systems are not accessible from the public Internet.
  • Ensure affected systems are suitably isolated in their own network segment.
  • Use a VPN if remote access to affected systems is needed.

Definitive source of threat updates

CVE Vulnerabilities

Last edited: 10 June 2021 12:23 pm