Honeywell released a firmware update to patch two vulnerabilities in the NOTI-FIRE-NET Web Server (NWS-3) product. One of the vulnerabilities, identified as CVE-2020-6972, allows an attacker to bypass the authentication system to gain access to the administration dashboard and control the alarm system, all without a password. The other vulnerability (CVE-2020-6974) allows an unauthenticated attacker to download a backup database file that contains usernames and password hashes. The US Department of Homeland Security released an advisory that rated the vulnerabilities as critical and urged organizations to apply the patch or to isolate the web interface for the fire alarm server behind a virtual private network (VPN) to protect it from external exploitation attempts. Researchers found some vulnerable Honeywell NWS-3 systems were directly accessible on the Internet.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense