Security Researchers from Claroty Research have discovered critical vulnerabilities in the FileWave Management Suite. FileWave has already provided users with a corresponding software upgrade to fix the vulnerabilities.
Wil, Switzerland, 07/25/2022 – The vulnerabilities were discovered by Team82 from Claroty Research, a cybersecurity research company. The research firm had recently conducted a comprehensive security assessment of FileWave services and identified and reported the vulnerabilities to FileWave.
The vulnerabilities affect all software versions prior to version 14.6.3, as well as 14.7.x versions prior to version 14.7.2. The vulnerabilities affect the ability to bypass authentication mechanisms to gain full control of the MDM platform and managed devices (CVE-2022-34907) as well as a hard-coded cryptographic key (CVE-2022-34906) of the previously mentioned software versions.
The security update released to address the vulnerabilities is included in the patched software upgrades of versions 14.6.3, 14.7.2, as well as in the latest software release 14.8 and all future subsequent versions. All affected software users were first notified of the vulnerabilities by FileWave on 4/26/2022 and were provided with a software upgrade to address the vulnerabilities.
The security of the software and the protection of users’ systems and infrastructure is a top priority at FileWave. Therefore, the security vulnerabilities were carefully reviewed and confirmed in close cooperation with Claroty Research. Immediately after the vulnerabilities became known, measures were taken to develop patched versions of the software, following a robust protocol to not only provide FileWave software users with a solution, but also to protect and help them understand the risks and install software upgrades on their servers in a timely manner. The implementation of the patched software versions should have eliminated the risk of the vulnerabilities to be exploited by third-party attacks. Since the identification of the vulnerabilities, no actual exploitation has become known to FileWave to date. Nevertheless, we recommend users of FileWave Services to double-check that the security update is properly installed and up to date to avoid the risk of third-party attacks going forward.
More details about the study published by Claroty Research can be found on Claroty’s homepage.
More information on how to fix the vulnerabilities is available to users of FileWave services in the FileWave Knowledge Base.