CVE-2022-29729 – This vulnerability affects Verizon 4G LTE Netwo... (How to Fix)

Q: What is the severity of CVE-2022-29729?

CVE-2022-29729 has a CVSS score of 7.5 (HIGH). This vulnerability affects Verizon 4G LTE Network Extender devices with a weak default admin password generation algorithm. Unauthenticated attackers can access generated passwords via the webUI login page, potentially gaining administrative control. All users of affected devices with default configurations are at risk.

📋 TL;DR

This vulnerability affects Verizon 4G LTE Network Extender devices with a weak default admin password generation algorithm. Unauthenticated attackers can access generated passwords via the webUI login page, potentially gaining administrative control. All users of affected devices with default configurations are at risk.

💻 Affected Systems

Products:

Verizon 4G LTE Network Extender

Versions: GA4.38 - V0.4.038.2131

Operating Systems: Embedded system firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects devices using default password generation algorithm. Custom configured passwords are not vulnerable.

📦 What is this software?

4g Lte Network Extender Firmware by Verizon

View all CVEs affecting 4g Lte Network Extender Firmware →

4g Lte Network Extender Firmware by Verizon

View all CVEs affecting 4g Lte Network Extender Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the network extender allowing attackers to intercept communications, modify device settings, or use the device as an entry point into the network.

🟠

Likely Case

Unauthorized administrative access to the network extender, enabling configuration changes, service disruption, or credential harvesting.

🟢

If Mitigated

Limited impact if strong custom passwords are already configured and default password generation is disabled.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires network access to the device's web interface. The vulnerability is well-documented in public advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.verizon.com/

Restart Required: No

Instructions:

1. Contact Verizon support for firmware updates. 2. Check Verizon's security advisories for patch availability. 3. Apply any available firmware updates through the device's administrative interface.

🔧 Temporary Workarounds

Change Default Admin Password

all

Immediately change the default admin password to a strong, unique password that is not generated by the vulnerable algorithm.

Access webUI > Administration > Change Password

Restrict Network Access

all

Limit access to the device's web interface to trusted networks only using firewall rules.

🧯 If You Can't Patch

Change admin password immediately to a strong, unique password
Disable remote administration if not required
Implement network segmentation to isolate the device

🔍 How to Verify

Check if Vulnerable:

Access the device's webUI login page and check if default password generation is enabled or if weak passwords are in use.

Check Version:

Check firmware version in device webUI under System Information or similar section

Verify Fix Applied:

Verify that a strong custom password is set and cannot be guessed via the vulnerable algorithm.

📡 Detection & Monitoring

Log Indicators:

Multiple failed login attempts
Successful admin login from unusual IP addresses
Configuration changes from unauthorized users

Network Indicators:

Unusual traffic to/from the network extender's administrative interface
Port scanning targeting the device's web port

SIEM Query:

source="network_extender" AND (event_type="login_failure" OR event_type="admin_access")

📊 Metadata

CVE ID: CVE-2022-29729

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-521

Published: June 2, 2022

Last Updated: November 21, 2024

🔗 References

https://www.verizon.com/ Vendor Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5701.php Exploit,Third Party Advisory
https://www.verizon.com/ Vendor Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5701.php Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-29729, you might also want to check these: