PT-2025-38603 · General Bytes · Crypto Application Server

Vendor: General Bytes · Published: 2025-09-19 · Updated: 2025-09-22 · CVE-2022-4980

CVSS v4.0: 9.3 (Critical)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
- General Bytes Crypto Application Server (CAS) versions 20201208 through 20220531.38
- General Bytes Crypto Application Server (CAS) version 20220725.22
Description
General Bytes Crypto Application Server (CAS) contains an authentication bypass in the admin web interface. An unauthenticated attacker can invoke the URL used by the product's default installation/first-admin creation page to create a new administrative account remotely. With admin privileges, an attacker can change ATM configurations and potentially redirect funds. The issue was actively exploited in the wild against both cloud-hosted and standalone CAS deployments; attackers scanned for exposed instances on ports 7777 and 443.
Recommendations
- General Bytes Crypto Application Server (CAS) versions prior to 20220531.38 (backport) should be updated to version 20220531.38 or later.
- General Bytes Crypto Application Server (CAS) version 20220725.22 should be updated to a newer version.
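A small inventory check, added here as an example and not part of the advisory or of General Bytes' software: it parses CAS build strings in the YYYYMMDD or YYYYMMDD.build form used above and flags the builds this advisory lists as affected. It assumes, following the Recommendations section, that 20220531.38 is the fixed backport release, so the first affected range is treated as ending just below it; builds the advisory does not list are reported as "not listed", not as safe.

```python
# Added example (not from the advisory or from General Bytes): classify CAS
# build strings against the affected versions stated in this advisory.
import re
from typing import Dict, Iterable, Tuple

# Boundaries as the advisory states them. The lower bound is inclusive; the
# upper bound of the first range is the backport fix named in Recommendations
# (assumption: 20220531.38 itself is treated as fixed).
RANGE_START = (20201208, 0)
BACKPORT_FIX = (20220531, 38)
SINGLE_AFFECTED = (20220725, 22)

_VERSION_RE = re.compile(r"^(\d{8})(?:\.(\d+))?$")


def parse_cas_version(text: str) -> Tuple[int, int]:
    """Parse 'YYYYMMDD' or 'YYYYMMDD.build' into a comparable (date, build) tuple.

    A build string without a suffix sorts before any numbered build of the
    same date, so '20220531' < '20220531.38'.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised CAS version string: {text!r}")
    return int(m.group(1)), int(m.group(2) or 0)


def is_affected(text: str) -> bool:
    """True when the build falls inside an affected range listed in the advisory."""
    v = parse_cas_version(text)
    if RANGE_START <= v < BACKPORT_FIX:
        return True
    return v == SINGLE_AFFECTED


def triage(inventory: Iterable[str]) -> Dict[str, str]:
    """Map each build string in an asset inventory to an 'affected'/'not listed' verdict."""
    return {text: ("affected" if is_affected(text) else "not listed") for text in inventory}


if __name__ == "__main__":
    # Constructed sample inventory, not real deployments.
    sample = ["20191015", "20201208", "20220531.37", "20220531.38", "20220725.22", "20220725.23"]
    for build, verdict in triage(sample).items():
        print(f"{build:>14}  {verdict}")
```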

Weakness Enumeration: Missing Authentication

Related Identifiers: CVE-2022-4980

Affected Products: Crypto Application Server