Advantech WISE-DeviceOn Server Hard-Coded JWT Key Authentication Bypass Vulnerability

Vulnerability

A vulnerability exists in Advantech WISE-DeviceOn Server versions prior to 5.4 due to the use of a hard-coded cryptographic key. The server signs EIRMMToken JSON Web Tokens (JWTs) with a static HS512 HMAC secret that is identical across all installations. Because the signing secret is not unique to a deployment, a remote unauthenticated attacker can forge a JWT carrying the email claim of an existing account and impersonate any DeviceOn user, including the root super admin. Successful exploitation grants full administrative control over the DeviceOn instance and could be used to execute code on managed agents via DeviceOn's remote management features.
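The following is an added illustration, not code from Advantech or from this advisory, of why a signing key shared by every installation is equivalent to no authentication and what the fix class looks like. It implements HS512 JWT minting and verification from the standard library; the key value, claim name and email address are constructed placeholders, not the product's real values.

```python
import base64, hashlib, hmac, json, secrets
from typing import Optional

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def sign_hs512(claims: dict, key: bytes) -> str:
    """Mint a compact JWT signed with HMAC-SHA512 (alg HS512)."""
    header = b64url(json.dumps({"alg": "HS512", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha512).digest()
    return f"{header}.{payload}.{b64url(sig)}"

def verify_hs512(token: str, key: bytes) -> Optional[dict]:
    """Return the claims if the token is a valid HS512 JWT under `key`, else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        if not isinstance(header, dict) or header.get("alg") != "HS512":
            return None  # pin the algorithm; never let the token pick it
        expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha512).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return None
        return json.loads(b64url_decode(payload_b64))
    except ValueError:  # malformed base64 or JSON
        return None

# Constructed placeholder standing in for a vendor-wide constant; not the real secret.
HARDCODED_KEY = b"placeholder-shared-secret-not-the-real-one"

def per_install_key() -> bytes:
    # Fix class: a 512-bit random key generated at install time and kept in the
    # server's protected configuration, never embedded in the shipped software.
    return secrets.token_bytes(64)

def demo() -> tuple:
    claims = {"email": "admin@example.invalid"}  # constructed sample claim
    # Shared constant: any party holding the key mints tokens every installation accepts.
    accepted_shared = verify_hs512(sign_hs512(claims, HARDCODED_KEY), HARDCODED_KEY) is not None
    # Per-installation keys: a token minted under install A's key is rejected by install B.
    key_a, key_b = per_install_key(), per_install_key()
    accepted_cross = verify_hs512(sign_hs512(claims, key_a), key_b) is not None
    return accepted_shared, accepted_cross
```

`demo()` returns `(True, False)`: the same forged token verifies everywhere under a hard-coded key and nowhere else once each deployment holds its own random secret.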

Impact

Exploitation of this vulnerability bypasses authentication, allowing attackers to gain unauthorized access and administrative privileges on the DeviceOn server. This could lead to unauthorized actions being performed on behalf of the impersonated user, including the root super admin, and the execution of code on managed agents.

Remediation

Users are advised to update to WISE-DeviceOn Server version 5.4 or later. The update is available on the DeviceOn official website.

Added: Dec 5, 2025, 6:37 PM
Updated: Dec 5, 2025, 6:37 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 7.4
remediation: 7.7
relevance: 1.3
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.