×
Did you know that Comet exists in a US version as well?
Go to Comet America
manufacturer of measuring instruments
English Česky Africa China Español Français Magyar Polski Sweden USA
x

Security Advisories

COMET SYSTEM, s.r.o. want to provide customers with timely information and risk mitigation advices to minimize the risks associated with security threats. We recommend that customers use the latest available version of the software and firmware. Firmware and software updates should be downloaded from reputable sources only like a COMET webpages of directly obtained from technical support. Any questions related to COMET products and security threats may to be addressed to technical support.

 
DATE DESCRIPTION IMPACT TO COMET PRODUCTS
2022-02-16 Ping Utility Vulnerability
 WiFi sensors Wx7xx (firmware version 10.0.3.0 and lower)
  CVE-2021-21966
 It was found security vulnerability related to SoC used at WiFi sensors. This vulnerability affects Ping utility inside http server. We have confirmed that WiFi sensors with firmware version 10.0.3.0 and lower are affected by this vulnerability. From this reason we strongly recommand to update firmware to 10.0.4.0 or higher. Latest firmware for WiFi sensors is available at COMET webpages.
2022-02-07 Samba vulnerability No impact
  CVE-2021-44142
 COMET does not use Samba (open-source implementation of SMB protocol) at any end-users software or firmware. No additional measures in relation to COMET devices or software are required.
2021-12-13 Apache Log4j 2.x vulnerabilities No impact
  CVE-2021-44228, CVE-2021-45046, CVE-2021-45105
 COMET does not use Log4j library at any end-users software or firmware. No additional measures in relation to COMET devices or software are required.
2021-05-15 WiFi FragAttacks vulnerabilities WiFi sensors Wx7xx (firmware version 10.0.2.0 and lower)
  CVE-2020-24588, CVE-2020-26140, CVE-2020-26143 FragAttacks is name for vulnerabilities related to WiFi standard and its implementation disclosed by security researcher Mathy Vanhoef at May 11, 2021. WiFi sensors with firmware version 10.0.2.0 and lower may to be affected by this vulnerabilities. We are not aware about any potential attack vector for WiFi sensors, but we strongly recommend update firmware version to 10.0.2.1 or higher. Firmware which solve these potential issues is available at COMET webpages.
2021-04-29 Potential memory allocation vulnerabilities WiFi sensors Wx7xx (firmware version 10.0.1.1 and lower)
  CVE-2021-22636, CVE-2021-27429, CVE-2021-27502 Memory allocation vulnerabilities were found at 3rd party development environment used for development of WiFi sensors. At present time we are not aware any way how to exploit this potential vulnerabilities at WiFi sensors. But we strongly recommand to update firmware to 10.0.2.0 or higher. Latest firmware for WiFi sensors is available at COMET webpages.
2020-12-09 Vulnerabilities at TCP/IP stack AMNESIA:33 No impact
  CVE description COMET does not use TCP/IP stacks (uIP, FNET, picoTCP, Nut/Net) inside any device. No additional measures in relation to COMET devices are required.

 


We produce

Leading manufacturer of temperature, humidity, atmospheric pressure, carbon dioxide CO2 transmitters, data loggers, monitoring systems, data acquisiton systems, thermometers, hygrometers, barometers. Production includes data acquisition systems, humidity, temperature, CO2 transmitters and portable thermometers, hygrometers, barometers, CO2 meters. Instruments are designed for accurate measurement and for monitoring environmental conditions.

All instruments come with included traceable calibration certificate with declared metrological traceability of etalons based on requirements of EN ISO/IEC 17025 standard.

 

 

ISO logo CQS logo
© Copyright 2023 COMET SYSTEM, s.r.o. | Webdesign by Spaneco