Remote Collector
Monthly
Man-in-the-middle exposure in Nozomi Networks Remote Collector arises because configuring an upstream Guardian or CMC through the n2os-tui interface generates a configuration that disables TLS certificate verification, with no option to re-enable it. Any attacker positioned on the network path between the Remote Collector and its Guardian/CMC can intercept the channel to steal the sync token, impersonate the server, inject spoofed asset or vulnerability data, or disrupt telemetry flow. There is no public exploit identified at time of analysis, and the issue is not on CISA KEV; the vendor (Nozomi) self-reported it.
The Device42 Remote Collector before 17.05.01 does not sanitize user input in its SNMP Connectivity utility. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Man-in-the-middle exposure in Nozomi Networks Remote Collector arises because configuring an upstream Guardian or CMC through the n2os-tui interface generates a configuration that disables TLS certificate verification, with no option to re-enable it. Any attacker positioned on the network path between the Remote Collector and its Guardian/CMC can intercept the channel to steal the sync token, impersonate the server, inject spoofed asset or vulnerability data, or disrupt telemetry flow. There is no public exploit identified at time of analysis, and the issue is not on CISA KEV; the vendor (Nozomi) self-reported it.
The Device42 Remote Collector before 17.05.01 does not sanitize user input in its SNMP Connectivity utility. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.