CWE-1191
On-Chip Debug and Test Interface With Improper Access Control
The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.
CVE-2023-32666 (GCVE-0-2023-32666)
Vulnerability from cvelistv5
- escalation of privilege
- CWE-1191 - On-chip debug and test interface with improper access control
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX |
Version: some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:36.717Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html", "tags": [ "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240405-0010/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:intel:e3-1220l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1226_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1230l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1231_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1241_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1246_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1265l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1271_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1275l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1276_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1281_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1285l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1286_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e3-1286l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-1428l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-1620_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-1630_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-1650_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-1660_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-1680_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2408l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2418l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2428l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2438l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2603_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2608l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2609_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2618l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2620_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2623_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2628l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2630_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2630l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2637_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2640_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2643_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2648l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2650_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2650l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2658a_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2658_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2660_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2667_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2670_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2680_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2683_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2687w_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2690_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2695_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2697_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2698_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-2699_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-4610_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-4620_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-4627_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-4640_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-4648_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-4650_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-4655_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-4660_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-4667_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e5-4669_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-4809_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-4820_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-4830_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-4850_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-8860_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-8867_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-8870_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-8880_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-8880l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-8890_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-8891_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:e7-8893_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_3040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_3050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_3060_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_3065_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_3070_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_3104_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_3106_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_3204_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_3206r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4108_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4109t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4110_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4112_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4114_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4114t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4116_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4116t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4208_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4208r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4209t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4210_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4210r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4214c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4214_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4214r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4214y_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4215_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4216_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_4216r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5030_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5060_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5063_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5070_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5080_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5110_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5115_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5118_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5119t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5120t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5122_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5130_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5140_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5150_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5160_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5215_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5215l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5215m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5215r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5217_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5218b_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5218_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5218n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5218t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5220_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5220r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5220s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5220t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_5222_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6126f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6126_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6126t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6128_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6130f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6130_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6130t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6132_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6134_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6134m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6136_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6138f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6138_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6138t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6140_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6140m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6142f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6142_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6142m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6144_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6146_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6148f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6148_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6150_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6152_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6154_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6222v_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6226_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6230_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6230n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6230t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6234_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6238_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6238l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6238m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6238t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6240_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6240l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6240m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6240y_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6242_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6244_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6246_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6248_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6252_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6252n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6254_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_6262v_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7020_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7030_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7041_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7110m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7110n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7120m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7120n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7130m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7130n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7140m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7140n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_7150n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8153_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8156_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8158_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8160f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8160_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8160m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8160t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8164_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8168_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8170_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8170m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8176f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8176_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8176m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8180_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8180m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8253_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8256_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8260_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8260l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8260m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8260y_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8268_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8270_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8276_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8276l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8276m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8280_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8280l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_8280m_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_9220_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_9221_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_9222_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_9242_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_9282_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_bronze_3104_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_bronze_3106_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_bronze_3206r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_bronze_3408u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_bronze_processors_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1524n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1563n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1564n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1573n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1581_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1587_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1612_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1632_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d1700_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1702_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1712tr_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1713nte_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1713nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1714_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1715ter_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1718t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1722ne_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1726_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1731nte_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1732te_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1733nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1734nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1735tr_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1736_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1736nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1739_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1746ter_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1747nte_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1748te_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-1749nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d2700_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2712t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2733nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2738_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2745nx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2752nte_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2752ter_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2753nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2757nx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2766nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2775te_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2776nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2777nx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2779_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2786nte_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2795nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2796nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2796te_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2798nt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2798nx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_d-2799_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_e-1105c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_e-2104g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:windows:*:*", "cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:windows:*:*", "cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "xeon_e-2124g_firmware", "vendor": "intel", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-32666", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-03-15T18:02:00.632301Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-26T20:44:28.557Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX", "vendor": "n/a", "versions": [ { "status": "affected", "version": "some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX" } ] } ], "descriptions": [ { "lang": "en", "value": "On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en" }, { "cweId": "CWE-1191", "description": "On-chip debug and test interface with improper access control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-05T09:05:53.842Z", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html" }, { "url": "https://security.netapp.com/advisory/ntap-20240405-0010/" } ] } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2023-32666", "datePublished": "2024-03-14T16:45:44.785Z", "dateReserved": "2023-08-04T03:00:04.683Z", "dateUpdated": "2025-02-13T16:54:56.071Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-41692 (GCVE-0-2024-41692)
Vulnerability from cvelistv5
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
► | URL | Tags | |||
---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
SyroTech | SyroTech SY-GPON-1110-WDONT router |
Version: 3.1.02-231102 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:syrotech:sy-gpon-1110-wdont_firmware:3.1.02-231102:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sy-gpon-1110-wdont_firmware", "vendor": "syrotech", "versions": [ { "status": "affected", "version": "3.1.02-231102" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-41692", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-26T12:49:18.593985Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-26T16:22:01.339Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T04:46:52.682Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0225" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "SyroTech SY-GPON-1110-WDONT router", "vendor": "SyroTech", "versions": [ { "status": "affected", "version": "3.1.02-231102" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "These vulnerabilities are discovered by Shravan Singh, Rahul Giri, \u0026 Karan Patel from Redfox Cyber Security Inc, Toronto, Canada." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system.\u003cbr\u003e" } ], "value": "This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "PHYSICAL", "baseScore": 8.6, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1191", "description": "CWE-1191: On-Chip Debug and Test Interface With Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-01T07:50:52.960Z", "orgId": "66834db9-ab24-42b4-be80-296b2e40335c", "shortName": "CERT-In" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0225" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Upgrade SyroTech SY-GPON-1110-WDONT Router firmware to patched version 3.1.02-240517\u003cbr\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view\"\u003ehttp://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view\u003c/a\u003e\u003cbr\u003e" } ], "value": "Upgrade SyroTech SY-GPON-1110-WDONT Router firmware to patched version 3.1.02-240517\n\n http://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view" } ], "source": { "discovery": "UNKNOWN" }, "title": "Incorrect Access Control Vulnerability", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c", "assignerShortName": "CERT-In", "cveId": "CVE-2024-41692", "datePublished": "2024-07-26T12:11:27.774Z", "dateReserved": "2024-07-19T11:24:20.421Z", "dateUpdated": "2024-08-02T04:46:52.682Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-4231 (GCVE-0-2024-4231)
Vulnerability from cvelistv5
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
► | URL | Tags | |||
---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
Digisol | Digisol Router DG-GR1321 |
Version: v3.2.02 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:digisol:dg-gr1321_firmware:3.2.02:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "dg-gr1321_firmware", "vendor": "digisol", "versions": [ { "status": "affected", "version": "3.2.02" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-4231", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T17:06:32.072169Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-24T17:14:26.318Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:33:52.975Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0158" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Digisol Router DG-GR1321", "vendor": "Digisol", "versions": [ { "status": "affected", "version": "v3.2.02" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "This vulnerability is discovered by Shravan Singh, Ganesh Bakare and Karan Patel from Redfox Cyber Security Inc, Toronto, Canada." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eThis vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An\u00a0attacker\u00a0with\u00a0physical\u00a0access\u00a0could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.\u003c/p\u003e\u003cp\u003eSuccessful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system.\u003c/p\u003e" } ], "value": "This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An\u00a0attacker\u00a0with\u00a0physical\u00a0access\u00a0could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "PHYSICAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1191", "description": "CWE-1191: On-Chip Debug and Test Interface With Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-05T12:21:30.085Z", "orgId": "66834db9-ab24-42b4-be80-296b2e40335c", "shortName": "CERT-In" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0158" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Upgrade Digisol Router firmware to version v3.1.02-240311.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.digisol.com/firmware/\"\u003ehttps://www.digisol.com/firmware/\u003c/a\u003e\u003cbr\u003e" } ], "value": "Upgrade Digisol Router firmware to version v3.1.02-240311.\n https://www.digisol.com/firmware/" } ], "source": { "discovery": "UNKNOWN" }, "title": "Incorrect Access Control Vulnerability in Digisol Router", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c", "assignerShortName": "CERT-In", "cveId": "CVE-2024-4231", "datePublished": "2024-05-10T13:29:46.081Z", "dateReserved": "2024-04-26T09:44:57.958Z", "dateUpdated": "2024-08-01T20:33:52.975Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-48970 (GCVE-0-2024-48970)
Vulnerability from cvelistv5
- CWE-1191 - On-Chip Debug and Test Interface with Improper Access Control
Vendor | Product | Version | ||
---|---|---|---|---|
Baxter | Life2000 Ventilation System |
Version: 06.08.00.00 and prior |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:baxter:life2000_ventilator_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "life2000_ventilator_firmware", "vendor": "baxter", "versions": [ { "lessThanOrEqual": "06.08.00.00", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-48970", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-18T15:22:31.746766Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-18T15:23:48.292Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Life2000 Ventilation System", "vendor": "Baxter", "versions": [ { "status": "affected", "version": "06.08.00.00 and prior" } ] } ], "datePublic": "2024-11-14T21:28:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The ventilator\u0027s microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure." } ], "value": "The ventilator\u0027s microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure." } ], "impacts": [ { "capecId": "CAPEC-117", "descriptions": [ { "lang": "en", "value": "CAPEC-117 Interception" } ] }, { "capecId": "CAPEC-458", "descriptions": [ { "lang": "en", "value": "CAPEC-458 Flash Memory Attacks" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1191", "description": "CWE-1191 On-Chip Debug and Test Interface with Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-14T21:53:34.989Z", "orgId": "dba971b9-eb30-4121-91e1-3b45611354aa", "shortName": "Baxter" }, "references": [ { "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-319-01" } ], "source": { "discovery": "UNKNOWN" }, "title": "Life2000 Ventilator microcontroller lacks memory protection", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "dba971b9-eb30-4121-91e1-3b45611354aa", "assignerShortName": "Baxter", "cveId": "CVE-2024-48970", "datePublished": "2024-11-14T21:31:14.701Z", "dateReserved": "2024-10-10T19:24:41.494Z", "dateUpdated": "2024-11-18T15:23:48.292Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-26408 (GCVE-0-2025-26408)
Vulnerability from cvelistv5
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
Wattsense | Wattsense Bridge |
Version: * |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-26408", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-11T14:40:43.535274Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-03-22T14:41:30.878Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "affected", "product": "Wattsense Bridge", "vendor": "Wattsense", "versions": [ { "status": "affected", "version": "*" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Constantin Schieber-Kn\u00f6bl | SEC Consult Vulnerability Lab" }, { "lang": "en", "type": "finder", "value": "Stefan Schweighofer | SEC Consult Vulnerability Lab" }, { "lang": "en", "type": "finder", "value": "Steffen Robertz | SEC Consult Vulnerability Lab" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device\u0027s firmware. All known versions are affected.\u003cbr\u003e\u003cbr\u003e" } ], "value": "The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device\u0027s firmware. All known versions are affected." } ], "impacts": [ { "capecId": "CAPEC-702", "descriptions": [ { "lang": "en", "value": "CAPEC-702 Exploiting Incorrect Chaining or Granularity of Hardware Debug Components" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1191", "description": "CWE-1191 On-Chip Debug and Test Interface With Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-11T09:14:28.700Z", "orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "shortName": "SEC-VLab" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://r.sec-consult.com/wattsense" }, { "tags": [ "release-notes" ], "url": "https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe device is meant to be installed at a restricted access physical location according to the vendor and exploitation requires\u0026nbsp;\u003c/span\u003emore attacker knowledge and higher physical access. The issue will be put in the backlog of the Wattsense team." } ], "value": "The device is meant to be installed at a restricted access physical location according to the vendor and exploitation requires\u00a0more attacker knowledge and higher physical access. The issue will be put in the backlog of the Wattsense team." } ], "source": { "discovery": "EXTERNAL" }, "title": "Unprotected JTAG Interface", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "assignerShortName": "SEC-VLab", "cveId": "CVE-2025-26408", "datePublished": "2025-02-11T09:14:28.700Z", "dateReserved": "2025-02-10T07:48:38.352Z", "dateUpdated": "2025-03-22T14:41:30.878Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-26409 (GCVE-0-2025-26409)
Vulnerability from cvelistv5
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
Wattsense | Wattsense Bridge |
Version: 0 < 6.4.1 |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-26409", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-11T14:38:08.176508Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1299", "description": "CWE-1299 Missing Protection Mechanism for Alternate Hardware Interface", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-03-17T16:40:45.172Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Wattsense Bridge", "vendor": "Wattsense", "versions": [ { "lessThan": "6.4.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Constantin Schieber-Kn\u00f6bl | SEC Consult Vulnerability Lab" }, { "lang": "en", "type": "finder", "value": "Stefan Schweighofer | SEC Consult Vulnerability Lab" }, { "lang": "en", "type": "finder", "value": "Steffen Robertz | SEC Consult Vulnerability Lab" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed in\u0026nbsp;recent firmware versions BSP \u0026gt;= 6.4.1." } ], "value": "A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed in\u00a0recent firmware versions BSP \u003e= 6.4.1." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1299", "description": "CWE-1299 Missing Protection Mechanism for Alternate Hardware Interface", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-1191", "description": "CWE-1191 On-Chip Debug and Test Interface With Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-11T09:15:30.131Z", "orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "shortName": "SEC-VLab" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://r.sec-consult.com/wattsense" }, { "tags": [ "release-notes" ], "url": "https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in recent firmware versions BSP \u0026gt;= 6.4.1." } ], "value": "This issue is fixed in recent firmware versions BSP \u003e= 6.4.1." } ], "source": { "discovery": "EXTERNAL" }, "title": "Access to Bootloader and Shell Over Serial Interface", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "assignerShortName": "SEC-VLab", "cveId": "CVE-2025-26409", "datePublished": "2025-02-11T09:15:30.131Z", "dateReserved": "2025-02-10T07:48:38.352Z", "dateUpdated": "2025-03-17T16:40:45.172Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-47819 (GCVE-0-2025-47819)
Vulnerability from cvelistv5
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Vendor | Product | Version | ||
---|---|---|---|---|
Flock Safety | Gunshot Detection devices |
Version: 0 < 1.3 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-47819", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-06-30T18:51:49.384704Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-06-30T18:55:02.941Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Gunshot Detection devices", "vendor": "Flock Safety", "versions": [ { "lessThan": "1.3", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1191", "description": "CWE-1191 On-Chip Debug and Test Interface With Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-06-27T02:09:37.112Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.flocksafety.com/articles/gunshot-detection-and-license-plate-reader-security-alert" } ], "x_generator": { "engine": "enrichogram 0.0.1" } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2025-47819", "datePublished": "2025-06-27T00:00:00.000Z", "dateReserved": "2025-05-10T00:00:00.000Z", "dateUpdated": "2025-06-30T18:55:02.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-47822 (GCVE-0-2025-47822)
Vulnerability from cvelistv5
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Vendor | Product | Version | ||
---|---|---|---|---|
Flock Safety | License Plate Reader |
Version: 0 < |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-47822", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-06-30T18:51:12.457246Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-06-30T18:51:21.036Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "License Plate Reader", "vendor": "Flock Safety", "versions": [ { "lessThanOrEqual": "2.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have an on-chip debug interface with improper access control." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1191", "description": "CWE-1191 On-Chip Debug and Test Interface With Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-06-27T02:15:51.372Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.flocksafety.com/articles/gunshot-detection-and-license-plate-reader-security-alert" } ], "x_generator": { "engine": "enrichogram 0.0.1" } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2025-47822", "datePublished": "2025-06-27T00:00:00.000Z", "dateReserved": "2025-05-10T00:00:00.000Z", "dateUpdated": "2025-06-30T18:51:21.036Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-7213 (GCVE-0-2025-7213)
Vulnerability from cvelistv5
6.4 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RC:R
6.4 (Medium) - CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RC:R
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-7213", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-07-09T17:27:32.987870Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-07-09T17:28:36.758Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "modules": [ "UART Interface" ], "product": "FNK-GU2", "vendor": "FNKvision", "versions": [ { "status": "affected", "version": "40.1.0" }, { "status": "affected", "version": "40.1.1" }, { "status": "affected", "version": "40.1.2" }, { "status": "affected", "version": "40.1.3" }, { "status": "affected", "version": "40.1.4" }, { "status": "affected", "version": "40.1.5" }, { "status": "affected", "version": "40.1.6" }, { "status": "affected", "version": "40.1.7" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "value": "0xHasta (VulDB User)" } ], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in FNKvision FNK-GU2 up to 40.1.7. Affected is an unknown function of the component UART Interface. The manipulation leads to on-chip debug and test interface with improper access control. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used." }, { "lang": "de", "value": "Es wurde eine kritische Schwachstelle in FNKvision FNK-GU2 bis 40.1.7 entdeckt. Es geht dabei um eine nicht klar definierte Funktion der Komponente UART Interface. Dank Manipulation mit unbekannten Daten kann eine on-chip debug and test interface with improper access control-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ], "metrics": [ { "cvssV4_0": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "version": "4.0" } }, { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "version": "3.1" } }, { "cvssV3_0": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "version": "3.0" } }, { "cvssV2_0": { "baseScore": 6.2, "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR", "version": "2.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1191", "description": "On-Chip Debug and Test Interface With Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-09T03:02:05.807Z", "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB" }, "references": [ { "name": "VDB-315162 | FNKvision FNK-GU2 UART Interface on-chip debug and test interface with improper access control", "tags": [ "vdb-entry" ], "url": "https://vuldb.com/?id.315162" }, { "name": "VDB-315162 | CTI Indicators (IOB, IOC)", "tags": [ "signature", "permissions-required" ], "url": "https://vuldb.com/?ctiid.315162" }, { "name": "Submit #608025 | FNKvision FNK-GU2 Wireless IP Camera Firmware version 40.1.7 and prior On-Chip Debug and Test Interface With Improper Access Control (C", "tags": [ "third-party-advisory" ], "url": "https://vuldb.com/?submit.608025" }, { "tags": [ "exploit" ], "url": "https://medium.com/@pundhapat/sqli-in-the-cloud-root-on-the-board-a-beginners-journey-into-iot-hacking-06efb2539a21" } ], "timeline": [ { "lang": "en", "time": "2025-07-07T00:00:00.000Z", "value": "Advisory disclosed" }, { "lang": "en", "time": "2025-07-07T02:00:00.000Z", "value": "VulDB entry created" }, { "lang": "en", "time": "2025-07-07T15:24:26.000Z", "value": "VulDB entry last update" } ], "title": "FNKvision FNK-GU2 UART Interface on-chip debug and test interface with improper access control" } }, "cveMetadata": { "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "assignerShortName": "VulDB", "cveId": "CVE-2025-7213", "datePublished": "2025-07-09T03:02:05.807Z", "dateReserved": "2025-07-07T13:19:13.819Z", "dateUpdated": "2025-07-09T17:28:36.758Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Mitigation
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- If feasible, the manufacturer should disable the JTAG interface or implement authentication and authorization for the JTAG interface. If authentication logic is added, it should be resistant to timing attacks. Security-sensitive data stored in registers, such as keys, etc. should be cleared when entering debug mode.
CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality; particularly URL's for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they otherwise not supposed to.
CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels
An attacker exploits a weakness in the configuration of access controls and is able to bypass the intended protection that these measures guard against and thereby obtain unauthorized access to the system or network. Sensitive functionality should always be protected with access controls. However configuring all but the most trivial access control systems can be very complicated and there are many opportunities for mistakes. If an attacker can learn of incorrectly configured access security settings, they may be able to exploit this in an attack.