Executive Summary

This vulnerability is an unhandled exception in Suprema BioStar 2 (Server) versions 2.9.8, 2.9.10, and 2.9.11. It allows an unauthenticated remote attacker to cause a denial of service (DoS) by sending HTTP POST requests to the '/api/migration' endpoint.

The specially crafted request triggers a failure that stops critical processes, causing the system to go offline until the services or server are manually restarted.

As a result, access control readers stop functioning and there may be failures in third-party integrations. The exploit requires no privileges or user interaction and is easy to automate, making the impact on system availability high.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by monitoring for HTTP POST requests sent to the '/api/migration' endpoint on Suprema BioStar 2 (Server) versions 2.9.8, 2.9.10, and 2.9.11.

Network administrators can use network traffic analysis tools or intrusion detection systems to look for unusual or repeated POST requests targeting this endpoint.

Example commands to detect such activity include:

• Using tcpdump to capture POST requests to '/api/migration': tcpdump -i <interface> -A -s 0 'tcp port 80 or tcp port 443' | grep 'POST /api/migration'
• Using curl to test the endpoint manually: curl -X POST http://<target-ip>/api/migration -v
• Using web server logs to search for POST requests to '/api/migration': grep 'POST /api/migration' /var/log/nginx/access.log

Useful 0 Not Useful 0

Compliance Impact

The vulnerability causes a denial of service (DoS) in Suprema BioStar 2 (Server), leading to system downtime and failure of access control readers and third-party integrations. This high impact on availability could affect compliance with standards and regulations that require continuous availability and protection of access control systems, such as GDPR and HIPAA.

However, the provided information does not explicitly describe direct impacts on data confidentiality, integrity, or privacy controls required by these regulations.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include manually restarting the affected Suprema BioStar 2 services or server if a denial of service occurs to restore functionality.

Additionally, restrict or monitor access to the '/api/migration' endpoint to prevent unauthenticated HTTP POST requests.

Implement network-level protections such as firewall rules or intrusion prevention systems to block or alert on suspicious POST requests targeting this endpoint.

Finally, update Suprema BioStar 2 to a version that addresses this vulnerability once a patch is available.

Useful 0 Not Useful 0

Impact Analysis

The vulnerability can cause a denial of service, making the Suprema BioStar 2 server and its critical processes unavailable until manually restarted.

This downtime means that access control readers connected to the system will stop working, potentially preventing authorized access or causing security lapses.

Additionally, third-party integrations relying on the system may fail, which could disrupt broader security or operational workflows.

Since the attack requires no privileges or user interaction and is trivial to automate, the risk and impact on availability are high.

Useful 0 Not Useful 0