rapid7 · mkienow-r7 · Dec 4, 2021 · Nov 18, 2021 · Nov 19, 2021
diff --git a/cpe-remap.yaml b/cpe-remap.yaml
@@ -140,6 +140,8 @@ mappings:
     parallels:
       products:
         plesk: parallels_plesk_panel
+    phoenix_contact:
+      vendor: phoenixcontact
     plesk:
       vendor: parallels
     proftpd_project:
@@ -159,6 +161,8 @@ mappings:
         jboss_eap: jboss_enterprise_application_platform
         jbossweb: jboss_web_framework_kit
         red_hat_directory_server: directory_server
+    rundeck:
+      vendor: pagerduty
     serv-u:
       vendor: solarwinds
     squid_cache:
@@ -208,6 +212,7 @@ mappings:
     apple:
       products:
         ios: iphone_os
+        mac_os: macos
     brocade:
       vendor: broadcom
       products:
@@ -277,10 +282,14 @@ mappings:
         ilom: integrated_lights_out_manager_firmware
     palo_alto_networks:
       vendor: paloaltonetworks
+    phoenix_contact:
+      vendor: phoenixcontact
     red_hat:
       vendor: redhat
       products:
         fedora_core_linux: fedora_core
+    software_house:
+      vendor: swhouse
     sun:
       products:
         solaris: sunos
@@ -337,6 +346,10 @@ mappings:
       vendor: dell
       products:
         k1000: kace_k1000_systems_management_appliance
+    phoenix_contact:
+      vendor: phoenixcontact
+    software_house:
+      vendor: swhouse
     tandberg:
       vendor: cisco
     ubiquiti:

diff --git a/identifiers/hw_family.txt b/identifiers/hw_family.txt
@@ -116,5 +116,6 @@ iPad Pro
 iPad mini
 iPhone
 iPod
+iSTAR Door Controllers
 imageClass
 imageRunner
diff --git a/identifiers/hw_product.txt b/identifiers/hw_product.txt
@@ -457,4 +457,5 @@ iPod Touch (4th generation)
 iPod Touch (5th generation)
 iPod Touch (6th generation)
 iPod Touch (7th generation)
+iSTAR Ultra
 vManage
diff --git a/identifiers/os_product.txt b/identifiers/os_product.txt
@@ -89,6 +89,7 @@ Firewall-1
 Fireware
 FortiOS
 FreeBSD
+FreeNAS Firmware
 Freebox OS
 G2 Console Switch
 GAiA OS
@@ -269,6 +270,7 @@ USG40 firmware
 USG60 firmware
 Ubuntu Linux
 Ultrix
+Unified SIP Phone 3900 Firmware
 UnixWare
 VBrick Rev
 VIDOS-NVR

diff --git a/identifiers/vendor.txt b/identifiers/vendor.txt
@@ -663,6 +663,7 @@ SmoothWall
 SnapServer
 Sofrel
 Softing
+Software House
 SolarWinds
 SonarQube
 SonicWall

diff --git a/xml/dhcp_vendor_class.xml b/xml/dhcp_vendor_class.xml
@@ -203,4 +203,4 @@
     <param pos="0" name="os.family" value="Windows"/>
   </fingerprint>
 
-</fingerprints>
+</fingerprints>
diff --git a/xml/favicons.xml b/xml/favicons.xml
@@ -343,6 +343,7 @@
     <param pos="0" name="service.vendor" value="Rundeck"/>
     <param pos="0" name="service.product" value="Rundeck"/>
     <param pos="0" name="service.certainty" value="0.5"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:pagerduty:rundeck:-"/>
   </fingerprint>
 
   <fingerprint pattern="^3ef81fad2a3deaeb19f02c9cf67ed8eb$">
@@ -1852,11 +1853,14 @@
   <fingerprint pattern="^c7f62c79333a43b6cd3f24d9e9c69526$">
     <description>iSTAR Ultra</description>
     <example>c7f62c79333a43b6cd3f24d9e9c69526</example>
-    <param pos="0" name="os.vendor" value="iStar"/>
-    <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="hw.vendor" value="iStar"/>
+    <param pos="0" name="os.vendor" value="Software House"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="{hw.product} Firmware"/>
+    <param pos="0" name="hw.vendor" value="Software House"/>
     <param pos="0" name="hw.device" value="Access Control"/>
-    <param pos="0" name="hw.product" value="Ultra Door Controller"/>
+    <param pos="0" name="hw.family" value="iSTAR Door Controllers"/>
+    <param pos="0" name="hw.product" value="iSTAR Ultra"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:swhouse:istar_ultra:-"/>
   </fingerprint>
 
   <fingerprint pattern="^fc83221e4a9e57f2e0b10416de541ca3|e518c347f94a594de49e3f3948b8e6e5$">
@@ -1888,7 +1892,7 @@
     <param pos="0" name="hw.product" value="Novus UPS"/>
   </fingerprint>
 
- <fingerprint pattern="^34a1514e6ab88611178ef9bda6e1c752$">
+  <fingerprint pattern="^34a1514e6ab88611178ef9bda6e1c752$">
     <description>ProSoft RadioLinx</description>
     <example>34a1514e6ab88611178ef9bda6e1c752</example>
     <param pos="0" name="hw.vendor" value="ProSoft Technology"/>
@@ -1938,10 +1942,10 @@
     <example>716417a84b643460167d84e251579491</example>
     <param pos="0" name="os.vendor" value="LG"/>
     <param pos="0" name="os.product" value="webOS"/>
-    <param pos="0" name="os.certainty" value="0.5"/>     
+    <param pos="0" name="os.certainty" value="0.5"/>
     <param pos="0" name="hw.vendor" value="LG"/>
     <param pos="0" name="hw.device" value="Smart TV"/>
     <param pos="0" name="hw.certainty" value="0.5"/>
   </fingerprint>
 
-</fingerprints>
+</fingerprints>
diff --git a/xml/ftp_banners.xml b/xml/ftp_banners.xml
@@ -1809,4 +1809,4 @@ more text</example>
     <param pos="0" name="hw.device" value="Printer"/>
   </fingerprint>
 
-</fingerprints>
+</fingerprints>
diff --git a/xml/html_title.xml b/xml/html_title.xml
@@ -662,7 +662,6 @@
     <param pos="0" name="os.vendor" value="MikroTik"/>
     <param pos="0" name="os.device" value="Switch"/>
     <param pos="0" name="os.product" value="SwOS"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:swos:-"/>
     <param pos="0" name="hw.vendor" value="MikroTik"/>
     <param pos="0" name="hw.device" value="Switch"/>
   </fingerprint>
@@ -797,7 +796,7 @@
     <param pos="2" name="host.mac"/>
   </fingerprint>
 
- <fingerprint pattern="^Digi Configuration and Management$">
+  <fingerprint pattern="^Digi Configuration and Management$">
     <description>Digi Cellular Routers (Generic)</description>
     <example>Digi Configuration and Management</example>
     <param pos="0" name="hw.vendor" value="Digi"/>
@@ -823,7 +822,7 @@
     <param pos="1" name="hw.product"/>
   </fingerprint>
 
- <fingerprint pattern="^Lantronix WEB-Manager$">
+  <fingerprint pattern="^Lantronix WEB-Manager$">
     <description>Lantronix UDS terminal server</description>
     <example>Lantronix WEB-Manager</example>
     <param pos="0" name="hw.vendor" value="Lantronix"/>
@@ -1434,7 +1433,6 @@
     <param pos="0" name="service.vendor" value="Cisco"/>
     <param pos="0" name="service.product" value="ASDM"/>
     <param pos="1" name="service.version"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:cisco:asdm:{service.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^Duo Access Gateway$">
@@ -2876,7 +2874,7 @@
     <example>Rundeck - Login</example>
     <param pos="0" name="service.vendor" value="Rundeck"/>
     <param pos="0" name="service.product" value="Rundeck"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:rundeck:rundeck:-"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:pagerduty:rundeck:-"/>
   </fingerprint>
 
   <fingerprint pattern="^CrushFTP WebInterface$">
@@ -3406,6 +3404,7 @@
     <example>Shelly Color Bulb</example>
     <param pos="0" name="os.vendor" value="Cesanta"/>
     <param pos="0" name="os.product" value="Mongoose OS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cesanta:mongoose_os:-"/>
     <param pos="0" name="hw.vendor" value="Shelly"/>
     <param pos="0" name="hw.device" value="Light Bulb"/>
     <param pos="0" name="hw.product" value="Color Bulb"/>
@@ -3419,6 +3418,7 @@
     <example hw.product="Switch">Shelly Switch</example>
     <param pos="0" name="os.vendor" value="Cesanta"/>
     <param pos="0" name="os.product" value="Mongoose OS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cesanta:mongoose_os:-"/>
     <param pos="0" name="hw.vendor" value="Shelly"/>
     <param pos="0" name="hw.device" value="Device"/>
     <param pos="1" name="hw.product"/>
@@ -3430,6 +3430,7 @@
     <example hw.product="1L">Shelly1L</example>
     <param pos="0" name="os.vendor" value="Cesanta"/>
     <param pos="0" name="os.product" value="Mongoose OS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cesanta:mongoose_os:-"/>
     <param pos="0" name="hw.vendor" value="Shelly"/>
     <param pos="0" name="hw.device" value="Device"/>
     <param pos="1" name="hw.product"/>
@@ -3471,14 +3472,14 @@
     <param pos="0" name="service.vendor" value="Ubiquiti"/>
     <param pos="0" name="service.product" value="UniFi"/>
     <param pos="0" name="service.device" value="Device"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ui:unifi:-"/>
   </fingerprint>
 
   <fingerprint pattern="^Login to AdminDroid Office 365 Reporter$">
     <description>AdminDroid Office 365 Reporter Application</description>
     <example>Login to AdminDroid Office 365 Reporter</example>
     <param pos="0" name="service.vendor" value="AdminDroid"/>
     <param pos="0" name="service.product" value="Office 365 Reporter"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:admindroid:office_365_reporter:-"/>
   </fingerprint>
 
   <fingerprint pattern="^Nanoleaf Firmware Upload$">
@@ -3589,7 +3590,7 @@
     <param pos="1" name="hw.product"/>
   </fingerprint>
 
- <fingerprint pattern="^Radio Configuration/Diagnostic Utility$">
+  <fingerprint pattern="^Radio Configuration/Diagnostic Utility$">
     <description>ProSoft RadioLinx</description>
     <example>Radio Configuration/Diagnostic Utility</example>
     <param pos="0" name="hw.vendor" value="ProSoft Technology"/>
@@ -3606,12 +3607,15 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:ntop:ntopng:-"/>
   </fingerprint>
 
-   <fingerprint pattern="^FreeNAS$">
-     <description>FreeNAS</description>
-     <example>FreeNAS</example>
-     <param pos="0" name="service.vendor" value="iXsystems"/>
-     <param pos="0" name="service.product" value="FreeNAS"/>
-     <param pos="0" name="service.cpe23" value="cpe:/a:ixsystems:freenas:-"/>
+  <fingerprint pattern="^FreeNAS$">
+    <description>iXsystems FreeNAS</description>
+    <example>FreeNAS</example>
+    <param pos="0" name="service.vendor" value="iXsystems"/>
+    <param pos="0" name="service.product" value="FreeNAS"/>
+    <param pos="0" name="os.vendor" value="iXsystems"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeNAS Firmware"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:ixsystems:freenas_firmware:-"/>
   </fingerprint>
 
   <fingerprint pattern="^Xerox (.{1,1000}) - \d+\.\d+\.\d+\.\d+$">
@@ -3720,4 +3724,4 @@
     <param pos="0" name="hw.product" value="Eternus"/>
   </fingerprint>
 
-</fingerprints>
+</fingerprints>
diff --git a/xml/http_servers.xml b/xml/http_servers.xml
@@ -4131,6 +4131,7 @@
     <param pos="0" name="hw.vendor" value="Roku"/>
     <param pos="0" name="hw.product" value="Roku"/>
     <param pos="0" name="hw.device" value="Media Server"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:roku:roku:-"/>
     <param pos="0" name="service.vendor" value="MiniUPnP Project"/>
     <param pos="0" name="service.product" value="MiniUPnPd"/>
     <param pos="1" name="service.version"/>

diff --git a/xml/http_wwwauth.xml b/xml/http_wwwauth.xml
@@ -637,7 +637,7 @@
     <param pos="0" name="hw.product" value="CommServer"/>
   </fingerprint>
 
- <fingerprint pattern="(?i)^Digest realm=&quot;Use 'live' as User Name">
+  <fingerprint pattern="(?i)^Digest realm=&quot;Use 'live' as User Name">
     <description>Bosch AutoDome IP Camera</description>
     <example>Digest realm="Use 'live' as User Name",nonce="18e62d241a5358a9650640fa72c1773c",opaque="",stale=FALSE,algorithm=MD5</example>
     <example>Digest realm="Use 'live' as User Name in order to log in to the respective level",nonce="2e6007092c2b28af7e2516b80b5b4f95",opaque="",stale=FALSE,algorithm=MD5,qop="auth"</example>

diff --git a/xml/mdns_device-info_txt.xml b/xml/mdns_device-info_txt.xml
@@ -2084,7 +2084,7 @@
   <!-- iPhones - Reference for the following: https://www.theiphonewiki.com/wiki/Category:Devices
    and http://phonedb.net/ -->
 
- <fingerprint pattern="^model=(?:D64AP|iPhone14,3)$">
+  <fingerprint pattern="^model=(?:D64AP|iPhone14,3)$">
     <description>iPhone 13 Pro Max</description>
     <example>model=D64AP</example>
     <example>model=iPhone14,3</example>
@@ -2098,7 +2098,7 @@
     <param pos="0" name="hw.device" value="Mobile Phone"/>
   </fingerprint>
 
- <fingerprint pattern="^model=(?:D63AP|iPhone14,2)$">
+  <fingerprint pattern="^model=(?:D63AP|iPhone14,2)$">
     <description>iPhone 13 Pro</description>
     <example>model=D63AP</example>
     <example>model=iPhone14,2</example>
@@ -2563,8 +2563,8 @@
     <param pos="0" name="hw.cpe23" value="cpe:/h:apple:iphone:-"/>
   </fingerprint>
 
-
   <!-- iPod -->
+
   <fingerprint pattern="^model=(?:N112AP|iPod9,1)$">
     <description>iPod Touch (7th generation)</description>
     <example>model=N112AP</example>
@@ -2663,4 +2663,4 @@
     <param pos="0" name="hw.device" value="Media Player"/>
   </fingerprint>
 
-</fingerprints>
+</fingerprints>
diff --git a/xml/operating_system.xml b/xml/operating_system.xml
@@ -434,6 +434,7 @@
     <param pos="0" name="os.family" value="Mac OS"/>
     <param pos="0" name="os.product" value="Mac OS"/>
     <param pos="1" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:apple:macos:{os.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^(?i:(?:Apple OS X|Apple Mac OS X|Mac OS X|OS X|Mac OS)\s?(\d+?(?:\.\d+?)*?)?)$">

diff --git a/xml/sip_user_agents.xml b/xml/sip_user_agents.xml
@@ -129,34 +129,33 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
   </fingerprint>
 
-  <fingerprint pattern="^Cisco-CP(\d{4})/([\d.]+)$">
-    <description>Cisco CP-model IP Phones</description>
-    <example cisco.model="3905" hw.product="CP-3905" os.version="9.4.1">Cisco-CP3905/9.4.1</example>
+  <fingerprint pattern="^Cisco-CP(39\d{2})/([\d.]+)$">
+    <description>Cisco Unified SIP Phone 3900 Series</description>
+    <example cisco.model="3905" hw.product="Unified SIP Phone 3905" os.version="9.4.1">Cisco-CP3905/9.4.1</example>
     <param pos="1" name="cisco.model"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.device" value="VoIP"/>
-    <param pos="0" name="hw.product" value="CP-{cisco.model}"/>
+    <param pos="0" name="hw.product" value="Unified SIP Phone {cisco.model}"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
-    <param pos="0" name="os.product" value="IOS"/>
+    <param pos="0" name="os.product" value="Unified SIP Phone 3900 Firmware"/>
     <param pos="2" name="os.version"/>
     <param pos="0" name="hw.certainty" value="0.95"/>
     <param pos="0" name="os.certainty" value="0.95"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:unified_sip_phone_3900_firmware:{os.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^Cisco-ATA(\d{3})/([\d.]+)$">
     <description>Cisco Analog Telephone Adapters (ATA)</description>
-    <example cisco.model="187" hw.product="ATA-187" os.version="9.2.3">Cisco-ATA187/9.2.3</example>
+    <example cisco.model="187" hw.product="ATA 187" os.version="9.2.3">Cisco-ATA187/9.2.3</example>
     <param pos="1" name="cisco.model"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.device" value="VoIP"/>
-    <param pos="0" name="hw.product" value="ATA-{cisco.model}"/>
+    <param pos="0" name="hw.product" value="ATA {cisco.model}"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
-    <param pos="0" name="os.product" value="IOS"/>
+    <param pos="0" name="os.product" value="ATA {cisco.model} Firmware"/>
     <param pos="2" name="os.version"/>
     <param pos="0" name="hw.certainty" value="0.9"/>
     <param pos="0" name="os.certainty" value="0.9"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
   </fingerprint>
 
   <!-- AVM.DE Devices -->

diff --git a/xml/smtp_banners.xml b/xml/smtp_banners.xml
@@ -212,6 +212,7 @@
     <param pos="0" name="os.vendor" value="Apple"/>
     <param pos="0" name="os.family" value="Mac OS"/>
     <param pos="0" name="os.product" value="Mac OS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:apple:macos:-"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
   </fingerprint>

diff --git a/xml/smtp_help.xml b/xml/smtp_help.xml
@@ -43,6 +43,7 @@
     <param pos="0" name="os.vendor" value="Apple"/>
     <param pos="0" name="os.family" value="Mac OS"/>
     <param pos="0" name="os.product" value="Mac OS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:apple:macos:-"/>
   </fingerprint>
 
   <fingerprint pattern="^214[ -]([^ ]+) is running the IBM VM operating system$">