Full Report
Insecure configuration storage allows attacker take under control device and smart home.
Analysis Summary
# Vulnerability: Zipato Zipabox Insecure Configuration Storage
## CVE Details
- CVE ID: CVE-2018-15123
- CVSS Score: 7.5 (High, based on CVSS v3.1 vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)
- CWE: Unspecified (Related to insecure storage/handling of configuration data)
## Affected Systems
- Products: Zipato Zipabox (smart home controller)
- Versions: Not explicitly listed, but applies to versions prior to vendor fix.
- Configurations: Any default configuration allowing remote access/interaction.
## Vulnerability Description
Insecure configuration storage on the Zipato Zipabox allows an unauthenticated remote attacker to potentially gain control over the device and the entire associated smart home system by exploiting weaknesses in how the device stores its configurations.
## Exploitation
- Status: Unknown (Existence of exploit unknown)
- Complexity: Low (AV:N/AC:L - Network attack, Low complexity)
- Attack Vector: Network
## Impact
- Confidentiality: High (Attacker could potentially access sensitive configuration data)
- Integrity: None (No direct impact to integrity listed)
- Availability: None (No direct impact to availability listed)
*Note: The description states the attacker can "take under control device and smart home," which usually implies high Integrity/Availability impact, but the provided CVSS vector only specifies High Confidentiality impact (C:H).*
## Remediation
### Patches
- Vendor notified that **some vulnerabilities are fixed** as of June 6, 2018. Specific patch versions are **not provided** in the advisory.
### Workarounds
- Vendor mitigation actions were stopped, and Kaspersky Lab did not receive feedback on specific workarounds. Users should consult the vendor's latest security guidance if available.
## Detection
- Indicators of compromise: Not specified.
- Detection methods and tools: Generic network monitoring for unusual configuration access or administrative traffic targeting the Zipabox, especially from unauthenticated external sources.
## References
- Vendor advisories: Vendor stopped responding on emails.
- Relevant links - defanged:
- https://ics-cert.kaspersky.com/advisories/2018/08/08/klcert-18-003-zipato-zipabox-insecure-configuration-storage/
- https://nvd.nist.gov/vuln/detail/CVE-2018-15123