Thermo Fisher Scientific ePort Software Incorrect Access Control Vulnerability
Vulnerability
A vulnerability has been identified in Thermo Fisher Scientific ePort software versions through 3.0.0, specifically when used with the Thermo Scientific 1405 TEOM Continuous Ambient Particulate Monitor. The issue involves incorrect access control, which has allowed hardcoded credentials to be exploited, enabling remote access to the file system. This access could potentially disrupt data integrity and network resilience.
Impact
Exploitation of this vulnerability could lead to unauthorized remote access to the file system, allowing for manipulation of data and possible disruption of network services.
Remediation
Thermo Fisher Scientific has developed an update for ePort software version 4.1.0 and greater, which is not impacted by this vulnerability. For customers using the Thermo Scientific 1405 TEOM Continuous Ambient Particulate Monitor, a Thermo Fisher Scientific Support Engineer will provide information on applying the update.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.