Rapid Response Monitoring My Security Account App
Monitor | 7.5 | ICS-CERT ICSA-25-051-05 | Feb 20, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
The My Security Account App API contains an information disclosure vulnerability (CWE-639) that could allow an attacker to access sensitive information of other users through the network without authentication. The vendor reports the issue was patched on their end.
What this means
What could happen
An attacker could remotely retrieve sensitive user information from the My Security Account App, potentially exposing credentials, personal data, or operational details of other account holders without any valid credentials.
Who's at risk
This affects organizations using the Rapid Response Monitoring My Security Account App API, particularly those relying on it for authentication or identity management in control system environments. IT and OT staff managing remote access or monitoring systems should prioritize this.
How it could be exploited
An attacker could send a network request to the My Security Account App API from any location on the internet, exploiting the information disclosure flaw to read sensitive data belonging to other users. No authentication or special configuration is required.
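As an added illustration of the CWE-639 pattern (authorization bypass through a user-controlled key) described above, the following is constructed example code, not the vendor's API; the endpoint shape, account fields and session tokens are assumptions. It shows a lookup handler that returns any account selected by a caller-supplied id beside a hardened form that authenticates the caller and enforces object-level authorization.

```python
# Added example (not Rapid Response Monitoring's code): a minimal, constructed
# account-lookup API showing the CWE-639 pattern in the advisory and its fix.
# The endpoint shape, record fields and session model below are assumptions.
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: account records and valid session tokens.
ACCOUNTS = {
    "1001": {"owner": "alice", "email": "alice@example.com", "site_code": "ALPHA-1"},
    "1002": {"owner": "bob",   "email": "bob@example.com",   "site_code": "BRAVO-2"},
}
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob"}


@dataclass
class Response:
    status: int
    body: dict


def vulnerable_get_account(account_id: str, token: Optional[str] = None) -> Response:
    """CWE-639 / information disclosure: the record is selected purely by the
    caller-supplied account_id and the session token is never checked, so any
    unauthenticated client can read any user's data."""
    record = ACCOUNTS.get(account_id)
    if record is None:
        return Response(404, {"error": "not found"})
    return Response(200, record)


def hardened_get_account(account_id: str, token: Optional[str] = None) -> Response:
    """Fixed handler: authenticate the caller first, then enforce that the
    requested object belongs to that caller (object-level authorization)."""
    principal = SESSIONS.get(token or "")
    if principal is None:
        return Response(401, {"error": "authentication required"})
    record = ACCOUNTS.get(account_id)
    # Return the same 404 for "missing" and "not yours" so the endpoint does
    # not reveal which account ids exist.
    if record is None or record["owner"] != principal:
        return Response(404, {"error": "not found"})
    return Response(200, record)
```

The hardened handler also logs nothing extra here; in a real deployment, repeated 404s for distinct ids from one source are the access pattern worth alerting on.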
Prerequisites
- Network access to the My Security Account App API over the internet
- No credentials required
Tags: remotely exploitable · no authentication required · low complexity · information disclosure · API endpoint exposed to internet
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product: My Security Account App API
Affected Versions: <7/29/24
Fix Status: No fix yet
Remediation & Mitigation
Do now
[HARDENING] Restrict network access to the My Security Account App API to authorized internal networks only; do not expose the API directly to the internet.
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption.
[HOTFIX] Verify with Rapid Response Monitoring that the patch has been applied to your instance of the My Security Account App API.
[HARDENING] If remote access to the API is required, deploy it behind a VPN or other secure access control.
CVEs (1)