Nozomi Networks Arc Improper Certificate Validation Vulnerability Allowing Man-in-the-Middle Attacks
Vulnerability
A vulnerability exists in Nozomi Networks Arc versions prior to 2.2.0, where the server certificate is not properly verified during connections to Guardian or CMC. This lack of validation can enable a man-in-the-middle attack, allowing interception of communication between the Arc agent and the Guardian or CMC. As a result, a malicious actor could steal the client token and sensitive information such as assets and alerts, impersonate the server, or inject false data, like misleading asset information or vulnerabilities, into the Guardian or CMC.
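The class of flaw described above, shown as an added example that is not Nozomi Networks code: a TLS client configuration that accepts any server certificate beside one that verifies the chain and hostname, plus a check that refuses to connect on the weak configuration. Python's `ssl` module is used as a stand-in because the page does not describe Arc's implementation; all function names and the host name are hypothetical.

```python
import socket
import ssl


def insecure_context():
    """Flawed pattern: traffic is encrypted, but any server certificate is accepted."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # has to be switched off before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE  # no chain validation: an interposed server is trusted
    return ctx


def verified_context(ca_file=None):
    """Corrected pattern: chain validation and hostname matching are both enforced."""
    # ca_file (assumption): PEM bundle of the CA that issued the server's certificate;
    # None falls back to the system trust store.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx):
    """Return the reasons a client context would accept an impersonated server."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("certificate is not matched against the server hostname")
    return findings


def open_channel(host, port, ctx, timeout=5.0):
    """Connect only with a verifying context, so a client token is never sent otherwise."""
    findings = audit_context(ctx)
    if findings:
        raise ValueError("refusing to connect: " + "; ".join(findings))
    raw = socket.create_connection((host, port), timeout=timeout)
    try:
        # The handshake raises ssl.SSLCertVerificationError on an untrusted or
        # mismatched certificate, before any application data is exchanged.
        return ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
```
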
Impact
Exploitation of this vulnerability could lead to unauthorized interception of communication, allowing for the theft of client tokens and sensitive information. It could also enable server impersonation and the injection of spoofed data into the Guardian or CMC.
Remediation
Users are advised to upgrade Nozomi Networks Arc to version 2.2.0 or later.
