PatchSiren cyber security CVE debrief
CVE-2021-44794 Krontech CVE debrief
A missing authorization check in Krontech Single Connect's sc-diagnostic-ui module allows unauthenticated remote attackers to access a device information page and obtain sensitive information. The vulnerability was disclosed in January 2022 and affects versions prior to 2.16.
- Vendor: Krontech
- Product: Single Connect
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2022-01-27
- Original CVE updated: 2026-05-18
- Advisory published: 2022-01-27
- Advisory updated: 2026-05-18
Who should care
Organizations deploying Krontech Single Connect for privileged access management should prioritize patching, particularly those with externally exposed administrative interfaces. Security teams should audit access to diagnostic modules and verify that authorization controls are properly implemented across all administrative endpoints.
Technical summary
Krontech Single Connect versions prior to 2.16 contain a missing authorization vulnerability (CWE-862) in the sc-diagnostic-ui module. The module fails to verify that a requesting user is authenticated and authorized before serving the device information page. A remote unauthenticated attacker can directly access this endpoint to obtain sensitive device information. The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N reflects network accessibility with low attack complexity, no privileges required, and confidentiality impact limited to information disclosure without integrity or availability effects.
Defensive priority
medium
Recommended defensive actions
- Upgrade Krontech Single Connect to version 2.16 or later to remediate the missing authorization check in the sc-diagnostic-ui module
- Review access controls on diagnostic interfaces and ensure proper authentication is enforced before serving device information pages
- Monitor access logs for unauthorized requests to /sc-diagnostic-ui paths or similar diagnostic endpoints
- If immediate patching is not feasible, restrict network access to Single Connect administrative interfaces using firewall rules or network segmentation
- Verify that no sensitive device information has been exfiltrated by reviewing historical access patterns to the diagnostic module
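The log-monitoring action above, worked through as an added example (not code from PatchSiren or Krontech): it parses access-log lines in the common combined format, keeps requests that touch the sc-diagnostic-ui module, and flags those that were served (2xx) to sources outside a trusted network. The log format, the 10.0.0.0/8 trusted range and the sample lines are constructed assumptions; adapt them to the real Single Connect front-end or reverse-proxy logs.

```python
import re
import ipaddress
from collections import Counter

# Combined access-log pattern (constructed assumption; adapt to the real
# Single Connect front-end or reverse-proxy log format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)
# Networks from which diagnostic access is expected (placeholder assumption).
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]

def is_trusted(ip):
    try:
        return any(ipaddress.ip_address(ip) in net for net in TRUSTED_NETS)
    except ValueError:          # malformed address field: treat as untrusted
        return False

def find_diagnostic_hits(lines):
    """Return one dict per request that touched the sc-diagnostic-ui module."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or "/sc-diagnostic-ui" not in m.group("path").lower():
            continue
        status = int(m.group("status"))
        hits.append({
            "ip": m.group("ip"), "ts": m.group("ts"), "path": m.group("path"),
            "status": status,
            "external": not is_trusted(m.group("ip")),
            # A 2xx to an untrusted client means the page was actually served,
            # i.e. no authorization check stopped the request (CWE-862).
            "served": 200 <= status < 300,
        })
    return hits

def summarize(hits):
    """Successful diagnostic-page fetches per untrusted source IP."""
    return Counter(h["ip"] for h in hits if h["external"] and h["served"])

# Constructed sample lines, not real traffic.
SAMPLE_LOG = [
    '10.0.5.7 - admin [27/Jan/2022:10:01:02 +0000] "GET /sc-diagnostic-ui/device-info HTTP/1.1" 200 4821',
    '203.0.113.45 - - [27/Jan/2022:10:02:15 +0000] "GET /sc-diagnostic-ui/device-info HTTP/1.1" 200 4821',
    '203.0.113.45 - - [27/Jan/2022:10:02:16 +0000] "GET /sc-diagnostic-ui/ HTTP/1.1" 200 1203',
    '198.51.100.9 - - [27/Jan/2022:10:03:00 +0000] "GET /sc-diagnostic-ui/device-info HTTP/1.1" 403 0',
    '203.0.113.45 - - [27/Jan/2022:10:04:00 +0000] "GET /login HTTP/1.1" 200 900',
]
```

Running `summarize(find_diagnostic_hits(SAMPLE_LOG))` on the sample yields one alert, 203.0.113.45 with two served pages; the 403 from 198.51.100.9 and the internal admin fetch are kept in the hit list for review but not counted as disclosures.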
Evidence notes
The vulnerability description indicates the sc-diagnostic-ui module fails to perform authorization checks, permitting unauthorized access to device information. The CPE configuration specifies affected versions as those prior to 2.16. USOM (Turkish National Cyber Security Incident Response Center) published advisory TR-22-0093 with third-party advisory status.
Official resources
- CVE-2021-44794 CVE record (CVE.org)
- CVE-2021-44794 NVD detail (NVD)
- Source item: nvd_modified
- Source reference (mitigation or vendor reference): [email protected], Third Party Advisory, 2022-01-27