A critical remote and unauthenticated file disclosure vulnerability, identified as CVE-2022-50792, exists in multiple SOUND4 products. This flaw allows an attacker with network access to the device to read any file on the system, potentially exposing highly sensitive information such as configuration details, user credentials, and system keys without needing any prior authentication.

This vulnerability is a classic path traversal flaw within the web interface of the affected devices. A remote, unauthenticated attacker can craft a specific HTTP GET request manipulating the 'file' parameter. By using directory traversal sequences (e.g., ../../..), the attacker can navigate outside of the intended web root directory and access arbitrary files anywhere on the device's file system, provided the application's user has read permissions for those files.

This vulnerability is rated as critical severity with a CVSS score of 9.8, reflecting the extreme risk it poses to an organization. Successful exploitation could lead to a complete compromise of confidentiality, allowing attackers to exfiltrate sensitive data such as system passwords, private cryptographic keys, intellectual property, and network configuration files. This stolen information can be used to facilitate further network intrusion, pivot to other systems, disrupt broadcast operations, or lead to a significant data breach, resulting in severe financial, reputational, and regulatory damage.

Immediate Action: Immediately identify all affected SOUND4 devices within the environment and update them to a patched version as recommended by the vendor. After patching, review system and access logs for any signs of compromise that may have occurred prior to remediation.

Proactive Monitoring: Implement continuous monitoring of web server access logs for affected devices. Specifically, search for suspicious GET requests containing the file= parameter followed by directory traversal payloads such as ../, ..%2f, or other variants. Monitor for unusual outbound network traffic from these devices, which could indicate data exfiltration.

Compensating Controls: If immediate patching is not feasible, implement network segmentation to restrict access to the device's management interface to a minimal set of trusted administrative hosts. If the device is exposed to the internet, place it behind a Web Application Firewall (WAF) configured with rules to detect and block path traversal attack patterns.

Public Exploit Available: true

Due to the critical severity (CVSS 9.8) and the fact that this vulnerability can be exploited by an unauthenticated remote attacker, immediate action is required. All organizations using the affected SOUND4 products must prioritize applying the vendor-supplied patches without delay. Although not currently on the CISA KEV list, the low complexity of attack makes these devices prime targets. If patching cannot be performed immediately, the compensating controls outlined above must be implemented as a critical temporary measure to reduce the risk of compromise.