GE Digital APM Classic Auth Bypass and Weak Hash Vulnerabilities (CVE-2020-16240/16244)

Critical Vulnerability Information 1. Vulnerability Overview CVSS v3: 7.5 Note: Remotely exploitable / Low skill level Vendor: GE Digital Product: APM Classic Vulnerabilities: - Authorization Bypass via User-Controlled Key (CWE-639) - Use of a One-Time Hash Without Salt (CWE-759) 2. Risk Assessment Successful exploitation of these vulnerabilities can lead to access to sensitive information. 3. Technical Details 3.1 Affected Products APM Classic, versions 4.4 and earlier 3.2 Vulnerability Descriptions 3.2.1 Authorization Bypass via User-Controlled Key (CWE-639) Description: An insecure direct object reference (IDOR) vulnerability allows user data to be downloaded in JavaScript Object format, enabling attackers to download sensitive data without proper authorization. CVE ID: CVE-2020-16240 CVSS v3 Base Score: 7.5 CVSS Vector String: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.2.2 Use of a One-Time Hash Without Salt (CWE-759) Description: Passwords are hashed using a one-time hash without salt, making it possible to decrypt passwords. When combined with the IDOR vulnerability, authenticated users can retrieve user data and actual passwords. CVE ID: CVE-2020-16244 CVSS v3 Base Score: 7.2 CVSS Vector String: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 3.3 Background Critical Infrastructure Sectors: Chemical, Energy, Wastewater Systems, etc. Deployment Countries/Regions: Global Company Headquarters: United States 3.4 Reporter Guido Marilli of Accenture Security reported these vulnerabilities. 4. Mitigation Measures Upgrade: GE recommends users upgrade to GE Digital APM Classic 4.5 or later. Recommendations: Implement defensive measures to minimize exploitation risk: - Limit network exposure - Use secure remote access methods, such as VPN Reference: CISA’s recommended security best practices and controls for industrial control systems.

Goal Reached Thanks to every supporter — we hit 100%!

GE Digital APM Classic Auth Bypass and Weak Hash Vulnerabilities (CVE-2020-16240/16244)