CVE-2021-42699: Exploit Details and Defense Strategies

Learn about the CVE-2021-42699 vulnerability in AzeoTech DAQFactory, where sensitive cookie information is transmitted over HTTP, enabling potential account takeovers. Find mitigation steps and long-term security practices here.

AzeoTech DAQFactory has a vulnerability where cookie information is transmitted in cleartext over HTTP, potentially allowing attackers to hijack user accounts.

Understanding CVE-2021-42699

What is CVE-2021-42699?

The vulnerability in AzeoTech DAQFactory enables the transmission of sensitive cookie information over insecure channels, risking unauthorized account access.

The Impact of CVE-2021-42699

The vulnerability poses a medium severity risk with high confidentiality impact, as attackers can intercept and abuse user cookies to compromise accounts.

Technical Details of CVE-2021-42699

Vulnerability Description

AzeoTech DAQFactory is susceptible to cleartext transmission of sensitive information, facilitating account takeovers through network traffic interception.
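The following is an added example, not code from the original page or from AzeoTech: a defender-side audit of recorded HTTP exchanges that flags the weakness class described above, cookies crossing the network in cleartext. The exchange format, the host `daq.example.test` and the cookie names are constructed assumptions; the page does not say which cookies or endpoints are involved.

```python
from urllib.parse import urlsplit

def parse_set_cookie(value):
    """Return (cookie_name, set of lower-cased attribute names) for one Set-Cookie value."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:]}
    return name, attrs

def cookie_names(value):
    """Return cookie names from a request Cookie header (values are never kept)."""
    return [p.split("=", 1)[0].strip() for p in value.split(";") if p.strip()]

def audit(exchanges):
    """Return sorted (issue, host, cookie_name) findings for cleartext cookie exposure."""
    findings = set()
    for ex in exchanges:
        url = urlsplit(ex["url"])
        cleartext = url.scheme.lower() == "http"
        for header, value in ex.get("request_headers", []):
            # A Cookie header on a plain-HTTP request is readable by anyone on the path.
            if header.lower() == "cookie" and cleartext:
                for name in cookie_names(value):
                    findings.add(("cookie-sent-over-http", url.hostname, name))
        for header, value in ex.get("response_headers", []):
            if header.lower() != "set-cookie":
                continue
            name, attrs = parse_set_cookie(value)
            if cleartext:
                findings.add(("cookie-set-over-http", url.hostname, name))
            elif "secure" not in attrs:
                # Set over HTTPS, but without Secure it can still be sent over HTTP later.
                findings.add(("cookie-missing-secure", url.hostname, name))
    return sorted(findings)

# Constructed sample traffic (hypothetical host and cookie names).
SAMPLE = [
    {"url": "http://daq.example.test/login",
     "request_headers": [("Host", "daq.example.test")],
     "response_headers": [("Set-Cookie", "session=abc123; Path=/; HttpOnly")]},
    {"url": "http://daq.example.test/data",
     "request_headers": [("Cookie", "session=abc123; theme=dark")],
     "response_headers": []},
    {"url": "https://daq.example.test/login",
     "request_headers": [],
     "response_headers": [("Set-Cookie", "session=def456; Path=/; Secure; HttpOnly"),
                          ("Set-Cookie", "prefs=1; Path=/")]},
]

if __name__ == "__main__":
    for issue, host, name in audit(SAMPLE):
        print(f"{issue}: host={host} cookie={name}")
```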

Affected Systems and Versions

        Product: DAQFactory
        Vendor: AzeoTech
        All versions are affected

Exploitation Mechanism

        Attack Complexity: Low
        Attack Vector: Network
        Confidentiality Impact: High
        User Interaction: Required

Mitigation and Prevention

Immediate Steps to Take

        Avoid using documents from unknown or untrusted sources
        Store .ctl files in a folder only accessible by admin-level users
        Operate in Safe Mode for externally sourced documents
        Apply document editing password to enhance security
        Prefer DAQConnect connection via script over Real Time Web-Connect

Long-Term Security Practices

        Regularly update DAQFactory to the latest version
        Educate users on secure practices for handling sensitive information

Patching and Updates

Stay informed about security patches and updates for DAQFactory to address vulnerabilities effectively.
