Honeywell NWS-3 Authentication Bypass & Directory Traversal Attack Security Notice

Notification 2020 02 04 01 04 February 2020 Authentication Bypass Directory Traversal Attack article contains Summary Potential Vulnerability Synopsis Affected Products Resolution Description Appendix About CVSS mitigate the risk Follow Resolution Description procedure prerequisite to write attack scripts HTTP applies to products listed in the Products and section of this notice security notification informs users of Honeywell Web Server of a potential software vulnerability that has been Honeywell recommends that immediate steps be taken to ensure this potential vulnerability is mitigated in installed and operational system Due to the wide variety of security controls implementations and interfaces it is the responsibility of each customer assess the potential impact within a specific operating environment Synopsis The Honeywell Fire Web Server authentication may be bypassed by a capture replay attack from a web Base Score Score Vector Critical High A potential flaw exists where users may bypass access to restricted location to read files and directories on webserver Base Score Score Vector Critical High 2020 01 31 01 Products potential vulnerability affects the following product versions Notifier Web Server NWS Version 3.50 and earlier Factors recommends that customers with potentially affected products should take the following steps to protect Update firmware of NWS 3 as per the security notification their system from the Internet or create additional layers of defense to their system from the by placing the affected hardware behind a firewall or into a DMZ remote connections to the network are required consider using a VPN or other means to ensure remote connections into the network where the device is located Always use strong passwords on installations to prevent unauthorized access Description has released a firmware update for all affected products listed above package can be downloaded from Here This update should be installed by qualified personnel Access credentials are required to access this site Support help installing operating maintaining and troubleshooting this product refer to this document and the installation guide If you still have questions contact Technical Support during business hours to Gjoko Krstikj for reporting this potential vulnerability 2020 01 31 01 Appendix About CVSS Common Vulnerability Scoring System CVSS is an open standard for communicating the characteristics and of software vulnerabilities The Base score represents the intrinsic qualities of a vulnerability The Temporal reflects the characteristics of a vulnerability that change over time The Environmental score is an additional that can be used by CVSS but is not supplied as it will differ for each customer Base score has a value ranging from 0 to 10 The Temporal score has the same range and is a modification of Base score due to current temporary factors severity of the score can be summarized as follows Rating Score 3.9 6.9 8.9 10.0 CVSS score is also represented as a vector string a compressed textual representation of the values used to the score information about CVSS can be found at http www first org cvss CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL YOUR USE OF THE INFORMATION ON THIS DOCUMENT OR MATERIALS LINKED FROM THIS VULNERABILITY IS AT YOUR OWN RISK NOTICE HONEYWELL RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME AND HONEYWELL PROVIDES THE CVSS SCORES IS WITHOUT WARRANTY OF ANY KIND DISCLAIMS THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A AND MAKES NO EXPRESS WARRANTIES EXCEPT AS MAY BE STATED IN A WRITTEN WITH AND FOR ITS CUSTOMERS NO EVENT WILL HONEYWELL BE LIABLE TO ANYONE FOR ANY DIRECT INDIRECT SPECIAL OR DAMAGES 2020 01 31 01