Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
1 vulnerability by eWeLink
CVE-2024-7206 (GCVE-0-2024-7206)
Vulnerability from cvelistv5 – Published: 2024-10-08 06:14 – Updated: 2024-10-08 18:40
VLAI?
Title
Firmware extraction and Hardware SSL Pinning Bypass
Summary
SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware
Severity ?
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eWeLink | Zigbee Bridge Pro |
Affected:
0 , ≤ 2.0.0
(custom)
|
Date Public ?
2024-10-08 06:10
Credits
Aarav Sinha, Senior Security Researcher, FEV India Pvt Ltd.
Jerin Sunny, Security Researcher, FEV India Pvt Ltd.
Shakir Zari,Security Researcher,FEV India Pvt Ltd.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7206",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:40:39.737971Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:40:56.566Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"freeRTOS"
],
"product": "Zigbee Bridge Pro",
"vendor": "eWeLink",
"versions": [
{
"lessThanOrEqual": "2.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Aarav Sinha, Senior Security Researcher, FEV India Pvt Ltd."
},
{
"lang": "en",
"type": "reporter",
"value": "Jerin Sunny, Security Researcher, FEV India Pvt Ltd."
},
{
"lang": "en",
"type": "reporter",
"value": "Shakir Zari,Security Researcher,FEV India Pvt Ltd."
}
],
"datePublic": "2024-10-08T06:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SSL Pinning Bypass\u0026nbsp;in\u0026nbsp;eWeLink Some hardware products\u0026nbsp;allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device\u0026nbsp;via Flash the modified firmware"
}
],
"value": "SSL Pinning Bypass\u00a0in\u00a0eWeLink Some hardware products\u00a0allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device\u00a0via Flash the modified firmware"
}
],
"impacts": [
{
"capecId": "CAPEC-184",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-184 Software Integrity Attack"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T06:14:12.144Z",
"orgId": "68870bb1-d075-4169-957d-e580b18692b9",
"shortName": "CoolKit"
},
"references": [
{
"url": "https://ewelink.cc/security-advisory-firmware-extraction-and-hardware-ssl-pinning-bypass/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to firmware 2.1.0 and above\u003cbr\u003e"
}
],
"value": "Upgrade to firmware 2.1.0 and above"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Firmware extraction and Hardware SSL Pinning Bypass",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "68870bb1-d075-4169-957d-e580b18692b9",
"assignerShortName": "CoolKit",
"cveId": "CVE-2024-7206",
"datePublished": "2024-10-08T06:14:12.144Z",
"dateReserved": "2024-07-29T11:11:26.910Z",
"dateUpdated": "2024-10-08T18:40:56.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}