Novakon P Series Improper Authentication Vulnerability Allowing Unauthenticated Application Upload and Download

Vulnerability

A vulnerability in Novakon P series HMI devices, specifically in version V2001.A.C518o2, allows unauthenticated attackers to upload applications to the device and download applications from it. The flaw stems from weak authentication in the UDP service that copies applications to the device, which exposes the device's application file management to unauthorized parties. In addition, the root user on these devices has no password, which makes unauthorized access even easier.

Impact

Exploitation of this vulnerability allows for unauthorized application management on the device, which could be used to execute malicious applications or modify existing ones. Coupled with other vulnerabilities in the Novakon P series, this could lead to a full compromise of the device.

Reproduction

The vulnerability can be reproduced by accessing the UDP service on port 60681. Applications can be uploaded or downloaded without any authentication. This can be done using the Novakon iFACE Designer application, which allows for application management over the network.
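A detection-side check for the exposure described above, added here as an example and not taken from the advisory or from Novakon: it scans flow records for UDP traffic to port 60681 on HMI devices from sources outside an allowlist of engineering workstations. Only the port and protocol come from this page; the addresses, the allowlist and the flow-record layout are constructed assumptions.

```python
import csv
import io
import ipaddress
from collections import defaultdict

HMI_TRANSFER_PORT = 60681  # UDP application-transfer port named in the advisory

# Assumed site inventory (constructed): HMI addresses and the engineering
# workstations permitted to run iFACE Designer against them.
HMI_HOSTS = {ipaddress.ip_address("10.20.0.11"), ipaddress.ip_address("10.20.0.12")}
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.5.0/28")]

# Constructed flow records: timestamp, source, destination, protocol, dest port, bytes.
SAMPLE_FLOWS = """\
ts,src,dst,proto,dport,bytes
2025-09-23T10:00:01Z,10.20.5.4,10.20.0.11,udp,60681,48211
2025-09-23T10:03:17Z,10.20.9.77,10.20.0.11,udp,60681,912
2025-09-23T10:03:19Z,10.20.9.77,10.20.0.12,udp,60681,350144
2025-09-23T10:04:02Z,10.20.9.77,10.20.0.12,tcp,60681,120
2025-09-23T10:05:40Z,192.0.2.15,10.20.0.11,udp,60681,64
2025-09-23T10:06:00Z,10.20.9.77,10.20.7.3,udp,60681,500
not-a-flow-line
"""

def find_unauthorized_transfers(flow_csv):
    """Return {source: {"targets": set, "flows": n, "bytes": n}} for UDP flows
    to the transfer port on an HMI from a source outside the allowlist."""
    hits = defaultdict(lambda: {"targets": set(), "flows": 0, "bytes": 0})
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            src = ipaddress.ip_address(row["src"])
            dst = ipaddress.ip_address(row["dst"])
            dport, nbytes = int(row["dport"]), int(row["bytes"])
        except (KeyError, TypeError, ValueError):
            continue  # skip malformed records instead of aborting the run
        if (row["proto"] or "").lower() != "udp" or dport != HMI_TRANSFER_PORT:
            continue
        if dst not in HMI_HOSTS or any(src in net for net in ALLOWED_SOURCES):
            continue
        entry = hits[str(src)]
        entry["targets"].add(str(dst))
        entry["flows"] += 1
        entry["bytes"] += nbytes
    return dict(hits)

if __name__ == "__main__":
    for src, info in sorted(find_unauthorized_transfers(SAMPLE_FLOWS).items()):
        print(src, sorted(info["targets"]), info["flows"], info["bytes"])
```

Because the service accepts transfers without authentication, any hit from outside the allowlist is worth investigating, and the same allowlist can serve as the basis for a network filter in front of the HMIs.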

Added: Sep 23, 2025, 12:16 PM
Updated: Sep 23, 2025, 12:16 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 7.7
remediation: 0.0
relevance: 0.6
threat: 1.6
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.