Claroty, a firm specializing in industrial cybersecurity, reported that FileWave’s mobile device management (MDM) software was vulnerable to remote assaults due to flaws.
Researchers have identified that the FileWave MDM product contains two serious security vulnerabilities: an authentication bypass vulnerability (CVE-2022-34907) and a hardcoded cryptographic key (CVE-2022-34906). The seller corrected the flaws immediately. A remote attacker might use the authentication bypass vulnerability to get “super user” access and take complete control of an internet-connected MDM instance.
From there, an attacker might compromise all FileWave-managed devices, potentially stealing sensitive data and delivering malware. The researchers detected over 1,100 instances of the insecure MDM server that were accessible via the internet.