Common Weakness Enumeration

CWE-912

Allowed-with-Review

Hidden Functionality

Abstraction: Class · Status: Incomplete

The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

146 vulnerabilities reference this CWE, most recent first.

CVE-2024-22044 (GCVE-0-2024-22044)

Vulnerability from cvelistv5 – Published: 2024-03-12 10:21 – Updated: 2024-08-26 18:02
VLAI
Summary
A vulnerability has been identified in SENTRON 3KC ATC6 Expansion Module Ethernet (3KC9000-8TL75) (All versions). Affected devices expose an unused, unstable http service at port 80/tcp on the Modbus-TCP Ethernet. This could allow an attacker on the same Modbus network to create a denial of service condition that forces the device to reboot.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Siemens SENTRON 3KC ATC6 Expansion Module Ethernet Affected: 0 , < * (custom)
Create a notification for this product.
siemens sentron_3kc_act6 Affected: 0 , < * (custom)
    cpe:2.3:h:siemens:sentron_3kc_act6:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:siemens:sentron_3kc_act6:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sentron_3kc_act6",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22044",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-26T18:00:41.945516Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-26T18:02:43.748Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.740Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-918992.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SENTRON 3KC ATC6 Expansion Module Ethernet",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SENTRON 3KC ATC6 Expansion Module Ethernet (3KC9000-8TL75) (All versions). Affected devices expose an unused, unstable http service at port 80/tcp on the Modbus-TCP Ethernet. This could allow an attacker on the same Modbus network to create a denial of service condition that forces the device to reboot."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912: Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T10:21:57.477Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-918992.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-22044",
    "datePublished": "2024-03-12T10:21:57.477Z",
    "dateReserved": "2024-01-04T13:24:07.552Z",
    "dateUpdated": "2024-08-26T18:02:43.748Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20439 (GCVE-0-2024-20439)

Vulnerability from cvelistv5 – Published: 2024-09-04 16:28 – Updated: 2025-10-21 22:55
VLAI
Summary
A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential. This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to login to the affected system. A successful exploit could allow the attacker to login to the affected system with administrative rights over the CSLU application API.
SSVC
Exploitation: active Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Cisco Cisco Smart License Utility Affected: 2.1.0
Affected: 2.0.0
Affected: 2.2.0
Create a notification for this product.
cisco cisco_smart_license_utility Affected: 2.1.0
Affected: 2.0.0
Affected: 2.2.0
    cpe:2.3:a:cisco:cisco_smart_license_utility:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:cisco_smart_license_utility:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cisco_smart_license_utility",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "2.1.0"
              },
              {
                "status": "affected",
                "version": "2.0.0"
              },
              {
                "status": "affected",
                "version": "2.2.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:cisco_smart_license_utility:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cisco_smart_license_utility",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "2.1.0"
              },
              {
                "status": "affected",
                "version": "2.0.0"
              },
              {
                "status": "affected",
                "version": "2.2.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:cisco_smart_license_utility:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cisco_smart_license_utility",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "2.1.0"
              },
              {
                "status": "affected",
                "version": "2.0.0"
              },
              {
                "status": "affected",
                "version": "2.2.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20439",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-31T18:12:06.667412Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-03-31",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-20439"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T22:55:46.010Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-20439"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-03-31T00:00:00.000Z",
            "value": "CVE-2024-20439 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Smart License Utility",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "2.1.0"
            },
            {
              "status": "affected",
              "version": "2.0.0"
            },
            {
              "status": "affected",
              "version": "2.2.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential.\r\n\r This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to login to the affected system. A successful exploit could allow the attacker to login to the affected system with administrative rights over the CSLU application API."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "In March 2025, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "Hidden Functionality",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-01T21:36:38.960Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-cslu-7gHMzWmw",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw"
        }
      ],
      "source": {
        "advisory": "cisco-sa-cslu-7gHMzWmw",
        "defects": [
          "CSCwi41731"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20439",
    "datePublished": "2024-09-04T16:28:39.669Z",
    "dateReserved": "2023-11-08T15:08:07.670Z",
    "dateUpdated": "2025-10-21T22:55:46.010Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-13062 (GCVE-0-2024-13062)

Vulnerability from cvelistv5 – Published: 2025-01-02 09:09 – Updated: 2025-01-06 20:32
VLAI
Summary
An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution. Refer to the ' 01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-912 - Hidden Functionality
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
Impacted products
Vendor Product Version
ASUS Router Affected: 3.0.0.4_382 series (custom)
Affected: 3.0.0.4_386 series (custom)
Affected: 3.0.0.4_388 series (custom)
Affected: 3.0.0.6_102 series (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-13062",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-06T20:32:32.491358Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-06T20:32:58.212Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Router",
          "vendor": "ASUS",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.0.4_382 series",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "3.0.0.4_386 series",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "3.0.0.4_388 series",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "3.0.0.6_102 series",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution.\u003cbr\u003eRefer to the \u0027\u0026nbsp;01/02/2025 ASUS Router AiCloud vulnerability\u0027 section on the ASUS Security Advisory for more information."
            }
          ],
          "value": "An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution.\nRefer to the \u0027\u00a001/02/2025 ASUS Router AiCloud vulnerability\u0027 section on the ASUS Security Advisory for more information."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912: Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-02T09:09:45.871Z",
        "orgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1",
        "shortName": "ASUS"
      },
      "references": [
        {
          "url": "https://www.asus.com/content/asus-product-security-advisory/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1",
    "assignerShortName": "ASUS",
    "cveId": "CVE-2024-13062",
    "datePublished": "2025-01-02T09:09:45.871Z",
    "dateReserved": "2024-12-31T01:39:32.126Z",
    "dateUpdated": "2025-01-06T20:32:58.212Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-10773 (GCVE-0-2024-10773)

Vulnerability from cvelistv5 – Published: 2024-12-06 12:31 – Updated: 2024-12-09 14:44
VLAI
Title
SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for pass-the-hash attacks
Summary
The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user levels and gain full access to the device.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://sick.com/psirt x_SICK PSIRT Website
https://cdn.sick.com/media/docs/1/11/411/Special_… x_SICK Operating Guidelines
https://www.cisa.gov/resources-tools/resources/ic… x_ICS-CERT recommended practices on Industrial Security
https://www.first.org/cvss/calculator/3.1 x_CVSS v3.1 Calculator
https://www.sick.com/.well-known/csaf/white/2024/… vendor-advisory
https://www.sick.com/.well-known/csaf/white/2024/… vendor-advisoryx_csaf
Impacted products
Vendor Product Version
SICK AG SICK InspectorP61x Affected: 0 , < <5.0.0 (custom)
Create a notification for this product.
SICK AG SICK InspectorP62x Affected: 0 , < <5.0.0 (custom)
Create a notification for this product.
SICK AG TiM3xx Affected: 0 , < <5.10.0 (custom)
Create a notification for this product.
sick inspector61x_firmware Affected: 0 , < 5.0.0 (custom)
    cpe:2.3:o:sick:inspector61x_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
sick inspector62x_firmware Affected: 0 , < 5.0.0 (custom)
    cpe:2.3:o:sick:inspector62x_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
sick tim3xx Affected: 0 , < 5.10.0 (custom)
    cpe:2.3:a:sick:tim3xx:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-12-06 12:00
Credits
Manuel Stotz Tobias Jaeger
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:sick:inspector61x_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "inspector61x_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThan": "5.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:inspector62x_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "inspector62x_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThan": "5.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:sick:tim3xx:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "tim3xx",
            "vendor": "sick",
            "versions": [
              {
                "lessThan": "5.10.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10773",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-09T14:37:48.545525Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-09T14:44:36.597Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SICK InspectorP61x",
          "vendor": "SICK AG",
          "versions": [
            {
              "lessThan": "\u003c5.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SICK InspectorP62x",
          "vendor": "SICK AG",
          "versions": [
            {
              "lessThan": "\u003c5.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TiM3xx",
          "vendor": "SICK AG",
          "versions": [
            {
              "lessThan": "\u003c5.10.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Manuel Stotz"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Tobias Jaeger"
        }
      ],
      "datePublic": "2024-12-06T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user levels and gain\nfull access to the device."
            }
          ],
          "value": "The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user levels and gain\nfull access to the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912 Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-06T12:31:10.776Z",
        "orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
        "shortName": "SICK AG"
      },
      "references": [
        {
          "tags": [
            "x_SICK PSIRT Website"
          ],
          "url": "https://sick.com/psirt"
        },
        {
          "tags": [
            "x_SICK Operating Guidelines"
          ],
          "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
        },
        {
          "tags": [
            "x_ICS-CERT recommended practices on Industrial Security"
          ],
          "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
        },
        {
          "tags": [
            "x_CVSS v3.1 Calculator"
          ],
          "url": "https://www.first.org/cvss/calculator/3.1"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf"
        },
        {
          "tags": [
            "vendor-advisory",
            "x_csaf"
          ],
          "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "For InspectorP61x, InspectorP62x and TiM3xx: Customers are strongly recommended to upgrade to the latest release."
            }
          ],
          "value": "For InspectorP61x, InspectorP62x and TiM3xx: Customers are strongly recommended to upgrade to the latest release."
        }
      ],
      "source": {
        "advisory": "SCA-2024-0006",
        "discovery": "EXTERNAL"
      },
      "title": "SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for pass-the-hash attacks",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
    "assignerShortName": "SICK AG",
    "cveId": "CVE-2024-10773",
    "datePublished": "2024-12-06T12:31:10.776Z",
    "dateReserved": "2024-11-04T13:07:00.547Z",
    "dateUpdated": "2024-12-09T14:44:36.597Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-6045 (GCVE-0-2024-6045)

Vulnerability from cvelistv5 – Published: 2024-06-17 03:12 – Updated: 2024-08-01 21:25
VLAI
Title
D-Link router - Hidden Backdoor
Summary
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-912 - Hidden Functionality
  • CWE-798 - Use of Hard-coded Credentials
Assigner
Impacted products
Vendor Product Version
D-Link G403 Affected: earlier , < 1.10.01 (custom)
Create a notification for this product.
D-Link G415 Affected: earlier , < 1.10.01 (custom)
Create a notification for this product.
D-Link G416 Affected: earlier , < 1.10.01 (custom)
Create a notification for this product.
D-Link M18 Affected: earlier , < 1.10.01 (custom)
Create a notification for this product.
D-Link R03 Affected: earlier , < 1.10.01 (custom)
Create a notification for this product.
D-Link R04 Affected: earlier , < 1.10.01 (custom)
Create a notification for this product.
D-Link R12 Affected: earlier , < 1.10.01 (custom)
Create a notification for this product.
D-Link R18 Affected: earlier , < 1.10.01 (custom)
Create a notification for this product.
D-Link E30 Affected: earlier , < 1.10.02 (custom)
Create a notification for this product.
D-Link M30 Affected: earlier , < 1.10.02 (custom)
Create a notification for this product.
D-Link M32 Affected: earlier , < 1.10.02 (custom)
Create a notification for this product.
D-Link M60 Affected: earlier , < 1.10.02 (custom)
Create a notification for this product.
D-Link R32 Affected: earlier , < 1.10.02 (custom)
Create a notification for this product.
D-Link E15 Affected: earlier , < 1.20.01 (custom)
Create a notification for this product.
D-Link R15 Affected: earlier , < 1.20.01 (custom)
Create a notification for this product.
dlink g403_firmware Affected: 0 , < 1.10.01 (custom)
    cpe:2.3:o:dlink:r12_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:r18_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:r04_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:r03_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:m18_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:g416_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:g415_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:g403_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
dlink e30_firmware Affected: 0 , < 1.10.02 (custom)
    cpe:2.3:o:dlink:r32_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:m60_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:m32_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:m30_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:e30_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
dlink e15_firmware Affected: 0 , < 1.20.01 (custom)
    cpe:2.3:o:dlink:r15_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:dlink:e15_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-06-17 03:12
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:dlink:r12_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:r18_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:r04_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:r03_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:m18_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:g416_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:g415_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:g403_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "g403_firmware",
            "vendor": "dlink",
            "versions": [
              {
                "lessThan": "1.10.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dlink:r32_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:m60_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:m32_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:m30_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:e30_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "e30_firmware",
            "vendor": "dlink",
            "versions": [
              {
                "lessThan": "1.10.02",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dlink:r15_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:e15_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "e15_firmware",
            "vendor": "dlink",
            "versions": [
              {
                "lessThan": "1.20.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6045",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-22T03:55:29.791651Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-24T13:16:42.373Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:25:03.244Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.twcert.org.tw/tw/cp-132-7879-da630-1.html"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.twcert.org.tw/en/cp-139-7880-629f5-2.html"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10398"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "G403",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.01",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "G415",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.01",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "G416",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.01",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "M18",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.01",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "R03",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.01",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "R04",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.01",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "R12",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.01",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "R18",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.01",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "E30",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.02",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "M30",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.02",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "M32",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.02",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "M60",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.02",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "R32",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.10.02",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "E15",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.20.01",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "R15",
          "vendor": "D-Link",
          "versions": [
            {
              "lessThan": "1.20.01",
              "status": "affected",
              "version": "earlier",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-06-17T03:12:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware."
            }
          ],
          "value": "Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-190",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-190 Reverse Engineer an Executable to Expose Assumed Hidden Functionality"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912: Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798: Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-17T03:12:14.137Z",
        "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "shortName": "twcert"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/tw/cp-132-7879-da630-1.html"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/en/cp-139-7880-629f5-2.html"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10398"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Please update firmware of following models to 1.10.01 or later version\uff1a\u003cbr\u003eG403, G415, G416, M18, R03, R04, R12, R18\u003cbr\u003e\u003cbr\u003ePlease update firmware of following models to 1.10.02 or later version\uff1a \u003cbr\u003eE30, M30, M32, M60, R32\u003cbr\u003e\u003cbr\u003ePlease update firmware of following models to 1.20.01 or later version\uff1a\u003cbr\u003eE15, R15\u003cbr\u003e"
            }
          ],
          "value": "Please update firmware of following models to 1.10.01 or later version\uff1a\nG403, G415, G416, M18, R03, R04, R12, R18\n\nPlease update firmware of following models to 1.10.02 or later version\uff1a \nE30, M30, M32, M60, R32\n\nPlease update firmware of following models to 1.20.01 or later version\uff1a\nE15, R15"
        }
      ],
      "source": {
        "advisory": "TVN-202406013",
        "discovery": "EXTERNAL"
      },
      "title": "D-Link router - Hidden Backdoor",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
    "assignerShortName": "twcert",
    "cveId": "CVE-2024-6045",
    "datePublished": "2024-06-17T03:12:14.137Z",
    "dateReserved": "2024-06-17T01:58:49.676Z",
    "dateUpdated": "2024-08-01T21:25:03.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-5633 (GCVE-0-2024-5633)

Vulnerability from cvelistv5 – Published: 2024-07-09 10:58 – Updated: 2024-08-01 21:18 Unsupported When Assigned
VLAI
Summary
Longse model LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located in the same local network to an undocumented binary service CoolView on one of the ports.  An attacker with a knowledge of the available commands is able to perform read/write operations on the device's memory, which might result in e.g. bypassing telnet login and obtaining full access to the device.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Longse Technology LBH30FE200W Affected: 0 , ≤ * (custom)
Create a notification for this product.
Zamel ZMB-01/C Affected: 0 , ≤ * (custom)
Create a notification for this product.
longse_technology lbh30fe200w Affected: 0 , < * (custom)
    cpe:2.3:h:longse_technology:lbh30fe200w:-:*:*:*:*:*:*:*
Create a notification for this product.
zamel zmb-01 Affected: 0 , < * (custom)
    cpe:2.3:h:zamel:zmb-01:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-07-09 10:00
Credits
Adam Zambrzycki
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:longse_technology:lbh30fe200w:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "lbh30fe200w",
            "vendor": "longse_technology",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:zamel:zmb-01:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "zmb-01",
            "vendor": "zamel",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5633",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-09T14:05:59.423707Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-09T14:20:59.059Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:18:06.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "product",
              "x_transferred"
            ],
            "url": "https://zamel.com/pl/gardi/zestaw-monitoringu-bezprzewodowego-wi-fi-typ-zmb-01"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://cert.pl/en/posts/2024/07/CVE-2024-5631/"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://cert.pl/posts/2024/07/CVE-2024-5631/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "LBH30FE200W",
          "vendor": "Longse Technology",
          "versions": [
            {
              "lessThanOrEqual": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "ZMB-01/C",
          "vendor": "Zamel",
          "versions": [
            {
              "lessThanOrEqual": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Adam Zambrzycki"
        }
      ],
      "datePublic": "2024-07-09T10:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Longse model\u0026nbsp;LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located in the same local network to an undocumented binary service \u003ci\u003eCoolView\u003c/i\u003e on one of the ports.\u0026nbsp;\u003cbr\u003eAn attacker with a knowledge of the available commands is able to perform read/write operations on the device\u0027s memory, which might result in e.g. bypassing telnet login and obtaining full access to the device.\u0026nbsp;"
            }
          ],
          "value": "Longse model\u00a0LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located in the same local network to an undocumented binary service CoolView on one of the ports.\u00a0\nAn attacker with a knowledge of the available commands is able to perform read/write operations on the device\u0027s memory, which might result in e.g. bypassing telnet login and obtaining full access to the device."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912 Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-09T10:58:17.510Z",
        "orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
        "shortName": "CERT-PL"
      },
      "references": [
        {
          "tags": [
            "product"
          ],
          "url": "https://zamel.com/pl/gardi/zestaw-monitoringu-bezprzewodowego-wi-fi-typ-zmb-01"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://cert.pl/en/posts/2024/07/CVE-2024-5631/"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://cert.pl/posts/2024/07/CVE-2024-5631/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "tags": [
        "unsupported-when-assigned"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
    "assignerShortName": "CERT-PL",
    "cveId": "CVE-2024-5633",
    "datePublished": "2024-07-09T10:58:17.510Z",
    "dateReserved": "2024-06-04T14:42:04.550Z",
    "dateUpdated": "2024-08-01T21:18:06.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-5514 (GCVE-0-2024-5514)

Vulnerability from cvelistv5 – Published: 2024-05-30 02:14 – Updated: 2024-11-25 03:04
VLAI
Title
MinMax CMS - Hidden Functionality
Summary
MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without being recorded in the system logs.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-798 - Use of Hard-coded Credentials
  • CWE-912 - Hidden Functionality
Assigner
Impacted products
Vendor Product Version
MinMax Digital Technology MinMax CMS Affected: unknown
Create a notification for this product.
minmax minmax Affected: -
    cpe:2.3:a:minmax:minmax:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-05-30 02:06
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:minmax:minmax:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "minmax",
            "vendor": "minmax",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5514",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-30T14:29:44.054873Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T18:02:49.067Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:18:05.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.twcert.org.tw/tw/cp-132-7828-c08b8-1.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MinMax CMS",
          "vendor": "MinMax Digital Technology",
          "versions": [
            {
              "status": "affected",
              "version": "unknown"
            }
          ]
        }
      ],
      "datePublic": "2024-05-30T02:06:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "MinMax CMS from\u0026nbsp;MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without being recorded in the system logs."
            }
          ],
          "value": "MinMax CMS from\u00a0MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without being recorded in the system logs."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-190",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-190 Reverse Engineer an Executable to Expose Assumed Hidden Functionality"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912: Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-25T03:04:51.155Z",
        "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "shortName": "twcert"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/tw/cp-132-7828-c08b8-1.html"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/en/cp-139-7831-b9a46-2.html"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.chtsecurity.com/news/2dde8d39-59fc-4c09-b4ad-0acf692321c5"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.chtsecurity.com/news/6b2393f5-3041-4011-b2ea-528e312c6b3c"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Please ask the vendor for advice."
            }
          ],
          "value": "Please ask the vendor for advice."
        }
      ],
      "source": {
        "advisory": "TVN-202405006",
        "discovery": "EXTERNAL"
      },
      "title": "MinMax CMS - Hidden Functionality",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
    "assignerShortName": "twcert",
    "cveId": "CVE-2024-5514",
    "datePublished": "2024-05-30T02:14:46.713Z",
    "dateReserved": "2024-05-30T01:40:43.656Z",
    "dateUpdated": "2024-11-25T03:04:51.155Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3016 (GCVE-0-2024-3016)

Vulnerability from cvelistv5 – Published: 2024-05-09 06:32 – Updated: 2024-08-22 15:09
VLAI
Summary
NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
NEC
Impacted products
Vendor Product Version
NEC Platforms, Ltd ITK-6DGS-1(BK) TEL Affected: v5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-32LCGS-1(BK) TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-32TCGS-1(BK) TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-6D-1(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-12D-1(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-8LCX-1(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-8TCGX-1(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-6DGS-1A(BK) TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-32LCGS-1A(BK) TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-32TCGS-1A(BK) TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-6DGS-1P(BK) TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-32LCGS-1P(BK) TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-32TCGS-1P(BK) TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-6D-1P(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-12D-1P(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-6DG-1P(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-12DG-1P(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-8LCX-1P(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-8LCG-1P(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-32LCG-1P(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-8TCGX-1P(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
NEC Platforms, Ltd ITK-32TCG-1P(BK)TEL Affected: 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
Create a notification for this product.
nec_platforms_ltd itk_6dgs_1\/bk_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_6dgs_1\/bk_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_32lcgs_1\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_32lcgs_1\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_32tcgs_1\/bk\/_tel Affected: 5.0.0.0 , ≤ v5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_32tcgs_1\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_6d_1\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_6d_1\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_12d_1\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_12d_1\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_8lcx_1\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_8lcx_1\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_8tcgx_1\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_8tcgx_1\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_6dgs_1a\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_6dgs_1a\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_32lcgs_1a\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_32lcgs_1a\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_32tcgs_1a\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_32tcgs_1a\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_6dgs_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_6dgs_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_32lcgs_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_32lcgs_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_32tcgs_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_32tcgs_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_6d_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_6d_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_12d_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_12d_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_6dg_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_6dg_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_12dg_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_12dg_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_8lcx_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_8lcx_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_8lcg_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_8lcg_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_32lcg_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_32lcg_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_8tcgx_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , ≤ 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_8tcgx_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
nec_platforms_ltd itk_32tcg_1p\/bk\/_tel Affected: 5.0.0.0 , ≤ 5.3.4.4 (custom)
Affected: 5.4.0.0 , < 5.6.0.20 (custom)
    cpe:2.3:a:nec_platforms_ltd:itk_32tcg_1p\/bk\/_tel:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Mr. Gianluca Altomani and Mr. Manuel Romei.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:32:42.637Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jpn.nec.com/security-info/secinfo/nv24-002_en.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_6dgs_1\\/bk_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_6dgs_1\\/bk_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_32lcgs_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_32lcgs_1\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_32tcgs_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_32tcgs_1\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "v5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_6d_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_6d_1\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_12d_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_12d_1\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_8lcx_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_8lcx_1\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_8tcgx_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_8tcgx_1\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_6dgs_1a\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_6dgs_1a\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_32lcgs_1a\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_32lcgs_1a\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_32tcgs_1a\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_32tcgs_1a\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_6dgs_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_6dgs_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_32lcgs_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_32lcgs_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_32tcgs_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_32tcgs_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_6d_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_6d_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_12d_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_12d_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_6dg_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_6dg_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_12dg_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_12dg_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_8lcx_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_8lcx_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_8lcg_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_8lcg_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_32lcg_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_32lcg_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_8tcgx_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_8tcgx_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nec_platforms_ltd:itk_32tcg_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "itk_32tcg_1p\\/bk\\/_tel",
            "vendor": "nec_platforms_ltd",
            "versions": [
              {
                "lessThanOrEqual": "5.3.4.4",
                "status": "affected",
                "version": "5.0.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "5.6.0.20",
                "status": "affected",
                "version": "5.4.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-3016",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T19:37:17.784025Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-22T15:09:05.064Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ITK-6DGS-1(BK) TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "v5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-32LCGS-1(BK) TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-32TCGS-1(BK) TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-6D-1(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-12D-1(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-8LCX-1(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-8TCGX-1(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-6DGS-1A(BK) TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-32LCGS-1A(BK) TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-32TCGS-1A(BK) TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-6DGS-1P(BK) TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-32LCGS-1P(BK) TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-32TCGS-1P(BK) TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-6D-1P(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-12D-1P(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-6DG-1P(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-12DG-1P(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-8LCX-1P(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-8LCG-1P(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-32LCG-1P(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-8TCGX-1P(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        },
        {
          "product": "ITK-32TCG-1P(BK)TEL",
          "vendor": "NEC Platforms, Ltd",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Mr. Gianluca Altomani and Mr. Manuel Romei."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNEC Platforms DT900 and DT900S Series 5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user.\u003c/p\u003e"
            }
          ],
          "value": "NEC Platforms DT900 and DT900S Series 5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user.\n\n"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912: Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-09T08:06:30.885Z",
        "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "shortName": "NEC"
      },
      "references": [
        {
          "url": "https://jpn.nec.com/security-info/secinfo/nv24-002_en.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
    "assignerShortName": "NEC",
    "cveId": "CVE-2024-3016",
    "datePublished": "2024-05-09T06:32:39.145Z",
    "dateReserved": "2024-03-27T15:15:52.175Z",
    "dateUpdated": "2024-08-22T15:09:05.064Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-42134 (GCVE-0-2023-42134)

Vulnerability from cvelistv5 – Published: 2024-01-15 13:28 – Updated: 2025-06-17 21:09
VLAI
Summary
PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.45_20230314 or earlier can allow the signed partition overwrite and subsequently local code execution via hidden command. The attacker must have physical USB access to the device in order to exploit this vulnerability.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
PAX Technology POS terminals Affected: 0 , ≤ 11.1.45_20230314 (custom)
Create a notification for this product.
Date Public
2024-01-15 11:00
Credits
Hubert Jasudowicz, Adam Kliś and other members of STM Cyber R&D team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:16:50.567Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://ppn.paxengine.com/release/development"
          },
          {
            "tags": [
              "technical-description",
              "x_transferred"
            ],
            "url": "https://blog.stmcyber.com/pax-pos-cves-2023/"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://cert.pl/en/posts/2024/01/CVE-2023-4818/"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://cert.pl/posts/2024/01/CVE-2023-4818/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-42134",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-16T15:46:58.995811Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T21:09:22.365Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Android"
          ],
          "product": "POS terminals",
          "vendor": "PAX Technology",
          "versions": [
            {
              "lessThanOrEqual": "11.1.45_20230314",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Hubert Jasudowicz, Adam Kli\u015b and other members of STM Cyber R\u0026D team"
        }
      ],
      "datePublic": "2024-01-15T11:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.45_20230314 or earlier can allow the signed partition overwrite and subsequently local code execution via hidden command.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003eThe attacker must have physical USB access to the device in order to exploit this vulnerability.\u003cbr\u003e"
            }
          ],
          "value": "PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.45_20230314 or earlier can allow the signed partition overwrite and subsequently local code execution via hidden command.\n\n\n\n\n\nThe attacker must have physical USB access to the device in order to exploit this vulnerability.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-549",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-549 Local Execution of Code"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912: Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-15T13:28:53.397Z",
        "orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
        "shortName": "CERT-PL"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://ppn.paxengine.com/release/development"
        },
        {
          "tags": [
            "technical-description"
          ],
          "url": "https://blog.stmcyber.com/pax-pos-cves-2023/"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://cert.pl/en/posts/2024/01/CVE-2023-4818/"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://cert.pl/posts/2024/01/CVE-2023-4818/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
    "assignerShortName": "CERT-PL",
    "cveId": "CVE-2023-42134",
    "datePublished": "2024-01-15T13:28:53.397Z",
    "dateReserved": "2023-09-07T13:17:57.372Z",
    "dateUpdated": "2025-06-17T21:09:22.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25183 (GCVE-0-2023-25183)

Vulnerability from cvelistv5 – Published: 2023-05-22 20:04 – Updated: 2025-01-16 21:33
VLAI
Summary
In Snap One OvrC Pro versions prior to 7.2, when logged into the superuser account, a new functionality appears that could allow users to execute arbitrary commands on the hub device.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Snap One OvrC Cloud Affected: 0 , < 7.3 (custom)
Create a notification for this product.
Credits
Uri Katz of Claroty reported these vulnerabilities to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:18:36.079Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-136-01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.control4.com/docs/product/ovrc-software/release-notes/english/latest/ovrc-software-release-notes-rev-r.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25183",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T20:55:27.411014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T21:33:13.131Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OvrC Cloud",
          "vendor": "Snap One",
          "versions": [
            {
              "lessThan": "7.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Uri Katz of Claroty reported these vulnerabilities to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003eIn Snap One OvrC Pro versions prior to 7.2, when logged into the superuser account, a new functionality appears that could allow users to execute arbitrary commands on the hub device.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nIn Snap One OvrC Pro versions prior to 7.2, when logged into the superuser account, a new functionality appears that could allow users to execute arbitrary commands on the hub device.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912 Hidden Functionality ",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T20:04:36.888Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-136-01"
        },
        {
          "url": "https://www.control4.com/docs/product/ovrc-software/release-notes/english/latest/ovrc-software-release-notes-rev-r.pdf"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eSnap One has released the following updates/fixes for the affected products:\u003c/p\u003e\u003cul\u003e\u003cli\u003eOvrC Pro v7.2 has been automatically pushed out to devices to update via OvrC cloud.\u003c/li\u003e\u003cli\u003eOvrC Pro v7.3 has been automatically pushed out to devices to update via OvrC cloud.\u003c/li\u003e\u003cli\u003eDisable UPnP.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor more information, see Snap One\u2019s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.control4.com/docs/product/ovrc-software/release-notes/english/latest/ovrc-software-release-notes-rev-p.pdf\"\u003eRelease Notes\u003c/a\u003e.\u003c/p\u003e\n\n"
            }
          ],
          "value": "\nSnap One has released the following updates/fixes for the affected products:\n\n  *  OvrC Pro v7.2 has been automatically pushed out to devices to update via OvrC cloud.\n  *  OvrC Pro v7.3 has been automatically pushed out to devices to update via OvrC cloud.\n  *  Disable UPnP.\n\n\nFor more information, see Snap One\u2019s  Release Notes https://www.control4.com/docs/product/ovrc-software/release-notes/english/latest/ovrc-software-release-notes-rev-p.pdf .\n\n\n\n"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2023-25183",
    "datePublished": "2023-05-22T20:04:36.888Z",
    "dateReserved": "2023-04-26T19:18:23.272Z",
    "dateUpdated": "2025-01-16T21:33:13.131Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Installation

Always verify the integrity of the product that is being installed.

CAPEC-133: Try All Common Switches

An attacker attempts to invoke all common switches and options in the target application for the purpose of discovering weaknesses in the target. For example, in some applications, adding a --debug switch causes debugging information to be displayed, which can sometimes reveal sensitive processing or configuration information to an attacker. This attack differs from other forms of API abuse in that the attacker is indiscriminately attempting to invoke options in the hope that one of them will work rather than specifically targeting a known option. Nonetheless, even if the attacker is familiar with the published options of a targeted application this attack method may still be fruitful as it might discover unpublicized functionality.

CAPEC-190: Reverse Engineer an Executable to Expose Assumed Hidden Functionality

An attacker analyzes a binary file or executable for the purpose of discovering the structure, function, and possibly source-code of the file by using a variety of analysis techniques to effectively determine how the software functions and operates. This type of analysis is also referred to as Reverse Code Engineering, as techniques exist for extracting source code from an executable. Several techniques are often employed for this purpose, both black box and white box. The use of computer bus analyzers and packet sniffers allows the binary to be studied at a level of interactions with its computing environment, such as a host OS, inter-process communication, and/or network communication. This type of analysis falls into the 'black box' category because it involves behavioral analysis of the software without reference to source code, object code, or protocol specifications.