CVE-2018-25130
Credentials Disclosure in Beward Intercom 2.3.1 Enables Unauthorized Access

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: VulnCheck

Description
Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized access to IP cameras and door stations.
Meta Information
Published: 2025-12-24
Last Modified: 2025-12-24
Generated: 2026-05-07
AI Q&A: 2025-12-24
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
beward intercom 2.3.0
beward intercom 2.2.11
beward intercom 2.2.9
beward intercom 2.2.7.4
beward intercom 2.2.8.9
beward intercom 2.2.10.5
beward intercom 2.3.1
CWE
CWE-256: The product stores a password in plaintext within resources such as memory or files.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in Beward Intercom software version 2.3.1 and earlier, where the application stores sensitive authentication credentials in an unencrypted binary database file named BEWARD.INTERCOM.FDB. A local attacker with access to the current user session can read this file and extract plain-text usernames and passwords. This allows the attacker to bypass authentication mechanisms and gain unauthorized access to IP cameras and door stations controlled by the software. [1, 2]


How can this vulnerability impact me?

If exploited, this vulnerability allows a local attacker to obtain plain-text credentials, enabling unauthorized access to IP cameras and door stations. This can lead to unauthorized surveillance, control over door access systems, and potential privilege escalation within the affected environment. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for the presence of the unencrypted database file named BEWARD.INTERCOM.FDB on the affected system. For BEWARD Intercom versions above 2.2.11, this file is located at C:\ProgramData\BEWARD\BEWARD Intercom\DB\BEWARD.INTERCOM.FDB; for older versions, it is in the user's local AppData directory. A local user with read access can attempt to extract plaintext credentials by searching for specific byte patterns within this file. Detection can involve using scripts or commands to read and analyze this file. For example, on Windows, you can use PowerShell commands to check for the file's existence and read its contents, or use a Python script (such as the provided beward_creds.py) to memory-map the file and extract credentials using regular expressions. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting local user access permissions to the BEWARD.INTERCOM.FDB file to prevent unauthorized reading of the unencrypted credentials. Ensure that only trusted administrators have read access to this file. Additionally, consider upgrading to a newer version of the software if available, or applying any vendor-provided patches or updates that address this vulnerability. If no patch is available, isolate affected systems to limit local access and monitor for unauthorized access attempts. [1, 2]
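A defender-side check covering both the detection and the mitigation answers above, added here as an example and not part of this record or the vendor's tooling: it looks for the database at the ProgramData path the record names, searches each user's local AppData for older installs (assuming the file keeps the same name there), reports every principal outside SYSTEM and Administrators that holds a read right on it, and with -Harden resets the ACL to those two principals.

```powershell
# Added example (not from the advisory or the vendor). Run elevated; Set-Acl needs it.
param([switch]$Harden)

$Trusted = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators')
$ReadBit = [System.Security.AccessControl.FileSystemRights]::ReadData

# Path for versions above 2.2.11 comes from the advisory; the AppData search for
# older versions assumes the same file name and is a labelled assumption.
$Candidates = @('C:\ProgramData\BEWARD\BEWARD Intercom\DB\BEWARD.INTERCOM.FDB')
$Candidates += @(Get-ChildItem -Path 'C:\Users\*\AppData\Local' -Filter 'BEWARD.INTERCOM.FDB' -Recurse -File -ErrorAction SilentlyContinue |
    Select-Object -ExpandProperty FullName)

foreach ($Path in $Candidates) {
    if (-not (Test-Path -LiteralPath $Path)) { continue }
    Write-Output "Credential database present: $Path"

    $Acl = Get-Acl -LiteralPath $Path
    foreach ($Ace in $Acl.Access) {
        $Who = $Ace.IdentityReference.Value
        # Finding: an Allow entry carrying the read-data right for an untrusted principal.
        if ($Ace.AccessControlType -eq 'Allow' -and
            (($Ace.FileSystemRights -band $ReadBit) -ne 0) -and
            ($Trusted -notcontains $Who)) {
            Write-Output ("  READABLE by {0} [{1}] inherited={2}" -f $Who, $Ace.FileSystemRights, $Ace.IsInherited)
        }
    }

    if ($Harden) {
        # Stop inheriting from the parent folder (second $false discards the inherited
        # entries instead of copying them), drop the remaining explicit entries, then
        # grant access to the trusted set only. Test first: an Intercom client running
        # as a standard user will no longer be able to open its own database.
        $Acl.SetAccessRuleProtection($true, $false)
        foreach ($Ace in @($Acl.Access)) { [void]$Acl.RemoveAccessRule($Ace) }
        foreach ($Who in $Trusted) {
            $Rule = New-Object System.Security.AccessControl.FileSystemAccessRule($Who, 'FullControl', 'Allow')
            $Acl.AddAccessRule($Rule)
        }
        Set-Acl -LiteralPath $Path -AclObject $Acl
        Write-Output "  ACL reset to: $($Trusted -join ', ')"
    }
}
```

Run without -Harden first to see which accounts the current ACL exposes the file to; entries flagged as inherited usually come from the default ProgramData or AppData permissions rather than from the installer.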


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows local attackers to access plain-text authentication credentials stored in an unencrypted database file, which can lead to unauthorized access to IP cameras and door stations. This exposure of sensitive user credentials could result in non-compliance with data protection standards and regulations such as GDPR and HIPAA, which require proper protection of personal and sensitive information. However, the provided resources do not explicitly discuss the impact on compliance with these standards. [1, 2]

