PT-2022-11316 · Rhinode · Rhinode Trading Paints

Axel Persinger · Published 2022-03-04 · Updated 2022-03-15 · CVE-2021-40846

CVSS v2.0: 7.6 (High)

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Rhinode Trading Paints versions 2.0.36 and earlier

Description: TP Updater.exe uses cleartext HTTP to check for and request updates. This allows attackers to perform a man-in-the-middle attack and deliver a malicious binary in place of the real update without triggering any SSL errors or warnings.

Recommendations: For Rhinode Trading Paints versions 2.0.36 and earlier, consider disabling TP Updater.exe until a secure update mechanism is implemented to prevent man-in-the-middle attacks. Restrict access to the update feature to minimize the risk of exploitation. Avoid using cleartext HTTP for updates until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

Weakness Enumeration

Cleartext Transmission of Sensitive Information

Related Identifiers

CVE-2021-40846

Affected Products

Rhinode Trading Paints