CWE-1191
On-Chip Debug and Test Interface With Improper Access Control
The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.
CVE-2023-32666 (GCVE-0-2023-32666)
Vulnerability from cvelistv5 – Published: 2024-03-14 16:45 – Updated: 2025-02-13 16:54
VLAI?
Summary
On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
7.2 (High)
CWE
- escalation of privilege
- CWE-1191 - On-chip debug and test interface with improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX |
Affected:
some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240405-0010/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:intel:e3-1220l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1226_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1230l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1231_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1241_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1246_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1265l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1271_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1275l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1276_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1281_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1285l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1286_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1286l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1428l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1620_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1630_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1650_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1660_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1680_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2408l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2418l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2428l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2438l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2603_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2608l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2609_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2618l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2620_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2623_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2628l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2630_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2630l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2637_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2640_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2643_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2648l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2650_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2650l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2658a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2658_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2660_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2667_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2670_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2680_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2683_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2687w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2690_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2695_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2697_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2698_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2699_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4610_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4620_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4627_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4640_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4648_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4650_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4655_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4660_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4667_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4669_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-4809_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-4820_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-4830_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-4850_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8860_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8867_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8870_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8880_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8880l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8890_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8891_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8893_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3040_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3060_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3065_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3104_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3106_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3204_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3206r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4108_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4109t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4110_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4112_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4114_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4114t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4116_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4116t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4208_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4208r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4209t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4210_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4210r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4214c_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4214_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4214r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4214y_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4215_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4216_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4216r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5030_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5040_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5060_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5063_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5080_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5110_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5115_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5118_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5119t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5120t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5122_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5130_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5140_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5150_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5160_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5215_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5215l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5215m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5215r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5217_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5218b_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5218_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5218n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5218t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5220_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5220r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5220s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5220t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5222_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6126f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6126_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6126t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6128_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6130f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6130_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6130t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6132_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6134_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6134m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6136_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6138f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6138_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6138t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6140_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6140m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6142f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6142_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6142m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6144_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6146_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6148f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6148_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6150_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6152_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6154_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6222v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6226_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6230_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6230n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6230t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6234_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6238_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6238l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6238m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6238t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6240_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6240l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6240m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6240y_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6242_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6244_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6246_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6248_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6252_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6252n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6254_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6262v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7020_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7030_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7040_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7041_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7110m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7110n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7120m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7120n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7130m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7130n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7140m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7140n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7150n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8153_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8156_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8158_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8160f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8160_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8160m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8160t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8164_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8168_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8170_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8170m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8176f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8176_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8176m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8180_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8180m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8253_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8256_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8260_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8260l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8260m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8260y_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8268_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8270_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8276_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8276l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8276m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8280_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8280l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8280m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_9220_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_9221_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_9222_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_9242_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_9282_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_3104_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_3106_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_3206r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_3408u_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_processors_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1524n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1563n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1564n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1573n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1581_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1587_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1612_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1632_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d1700_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1702_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1712tr_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1713nte_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1713nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1714_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1715ter_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1718t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1722ne_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1726_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1731nte_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1732te_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1733nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1734nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1735tr_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1736_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1736nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1739_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1746ter_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1747nte_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1748te_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1749nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d2700_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2712t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2733nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2738_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2745nx_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2752nte_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2752ter_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2753nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2757nx_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2766nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2775te_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2776nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2777nx_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2779_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2786nte_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2795nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2796nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2796te_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2798nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2798nx_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2799_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_e-1105c_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_e-2104g_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:windows:*:*",
"cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:windows:*:*",
"cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xeon_e-2124g_firmware",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32666",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T18:02:00.632301Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T20:44:28.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-1191",
"description": "On-chip debug and test interface with improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T09:05:53.842Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240405-0010/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-32666",
"datePublished": "2024-03-14T16:45:44.785Z",
"dateReserved": "2023-08-04T03:00:04.683Z",
"dateUpdated": "2025-02-13T16:54:56.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41692 (GCVE-0-2024-41692)
Vulnerability from cvelistv5 – Published: 2024-07-26 12:11 – Updated: 2024-08-02 04:46
VLAI?
Title
Incorrect Access Control Vulnerability
Summary
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system.
Successful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system.
Severity ?
CWE
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SyroTech | SyroTech SY-GPON-1110-WDONT router |
Affected:
3.1.02-231102
|
Credits
These vulnerabilities are discovered by Shravan Singh, Rahul Giri, & Karan Patel from Redfox Cyber Security Inc, Toronto, Canada.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:syrotech:sy-gpon-1110-wdont_firmware:3.1.02-231102:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sy-gpon-1110-wdont_firmware",
"vendor": "syrotech",
"versions": [
{
"status": "affected",
"version": "3.1.02-231102"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-26T12:49:18.593985Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T16:22:01.339Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:46:52.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0225"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SyroTech SY-GPON-1110-WDONT router",
"vendor": "SyroTech",
"versions": [
{
"status": "affected",
"version": "3.1.02-231102"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "These vulnerabilities are discovered by Shravan Singh, Rahul Giri, \u0026 Karan Patel from Redfox Cyber Security Inc, Toronto, Canada."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system.\u003cbr\u003e"
}
],
"value": "This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1191",
"description": "CWE-1191: On-Chip Debug and Test Interface With Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T07:50:52.960Z",
"orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"shortName": "CERT-In"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0225"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade SyroTech SY-GPON-1110-WDONT Router firmware to patched version 3.1.02-240517\u003cbr\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view\"\u003ehttp://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view\u003c/a\u003e\u003cbr\u003e"
}
],
"value": "Upgrade SyroTech SY-GPON-1110-WDONT Router firmware to patched version 3.1.02-240517\n\n http://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incorrect Access Control Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"assignerShortName": "CERT-In",
"cveId": "CVE-2024-41692",
"datePublished": "2024-07-26T12:11:27.774Z",
"dateReserved": "2024-07-19T11:24:20.421Z",
"dateUpdated": "2024-08-02T04:46:52.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4231 (GCVE-0-2024-4231)
Vulnerability from cvelistv5 – Published: 2024-05-10 13:29 – Updated: 2024-08-01 20:33
VLAI?
Title
Incorrect Access Control Vulnerability in Digisol Router
Summary
This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.
Successful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system.
Severity ?
CWE
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Digisol | Digisol Router DG-GR1321 |
Affected:
v3.2.02
|
Credits
This vulnerability is discovered by Shravan Singh, Ganesh Bakare and Karan Patel from Redfox Cyber Security Inc, Toronto, Canada.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:digisol:dg-gr1321_firmware:3.2.02:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "dg-gr1321_firmware",
"vendor": "digisol",
"versions": [
{
"status": "affected",
"version": "3.2.02"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-4231",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T17:06:32.072169Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-24T17:14:26.318Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:33:52.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0158"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Digisol Router DG-GR1321",
"vendor": "Digisol",
"versions": [
{
"status": "affected",
"version": "v3.2.02"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability is discovered by Shravan Singh, Ganesh Bakare and Karan Patel from Redfox Cyber Security Inc, Toronto, Canada."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThis vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An\u00a0attacker\u00a0with\u00a0physical\u00a0access\u00a0could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.\u003c/p\u003e\u003cp\u003eSuccessful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system.\u003c/p\u003e"
}
],
"value": "This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An\u00a0attacker\u00a0with\u00a0physical\u00a0access\u00a0could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1191",
"description": "CWE-1191: On-Chip Debug and Test Interface With Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T12:21:30.085Z",
"orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"shortName": "CERT-In"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0158"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade Digisol Router firmware to version v3.1.02-240311.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.digisol.com/firmware/\"\u003ehttps://www.digisol.com/firmware/\u003c/a\u003e\u003cbr\u003e"
}
],
"value": "Upgrade Digisol Router firmware to version v3.1.02-240311.\n https://www.digisol.com/firmware/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incorrect Access Control Vulnerability in Digisol Router",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"assignerShortName": "CERT-In",
"cveId": "CVE-2024-4231",
"datePublished": "2024-05-10T13:29:46.081Z",
"dateReserved": "2024-04-26T09:44:57.958Z",
"dateUpdated": "2024-08-01T20:33:52.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-48970 (GCVE-0-2024-48970)
Vulnerability from cvelistv5 – Published: 2024-11-14 21:31 – Updated: 2024-11-18 15:23
VLAI?
Title
Life2000 Ventilator microcontroller lacks memory protection
Summary
The ventilator's microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure.
Severity ?
9.3 (Critical)
CWE
- CWE-1191 - On-Chip Debug and Test Interface with Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Baxter | Life2000 Ventilation System |
Affected:
06.08.00.00 and prior
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:baxter:life2000_ventilator_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "life2000_ventilator_firmware",
"vendor": "baxter",
"versions": [
{
"lessThanOrEqual": "06.08.00.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-48970",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T15:22:31.746766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T15:23:48.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Life2000 Ventilation System",
"vendor": "Baxter",
"versions": [
{
"status": "affected",
"version": "06.08.00.00 and prior"
}
]
}
],
"datePublic": "2024-11-14T21:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The ventilator\u0027s microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure."
}
],
"value": "The ventilator\u0027s microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure."
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117 Interception"
}
]
},
{
"capecId": "CAPEC-458",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-458 Flash Memory Attacks"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1191",
"description": "CWE-1191 On-Chip Debug and Test Interface with Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T21:53:34.989Z",
"orgId": "dba971b9-eb30-4121-91e1-3b45611354aa",
"shortName": "Baxter"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-319-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Life2000 Ventilator microcontroller lacks memory protection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dba971b9-eb30-4121-91e1-3b45611354aa",
"assignerShortName": "Baxter",
"cveId": "CVE-2024-48970",
"datePublished": "2024-11-14T21:31:14.701Z",
"dateReserved": "2024-10-10T19:24:41.494Z",
"dateUpdated": "2024-11-18T15:23:48.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-12114 (GCVE-0-2025-12114)
Vulnerability from cvelistv5 – Published: 2025-10-23 15:29 – Updated: 2025-10-23 15:39
VLAI?
Title
Serial Console Enabled
Summary
Enabled serial console could potentially leak information that might help attacker to find vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Severity ?
CWE
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Azure Access Technology | BLU-IC2 |
Affected:
0 , ≤ 1.19.5
(semver)
|
|||||||
|
|||||||||
Credits
Kevin Schaller
Benjamin Lafois
Alexi Bitsios
Sebastian Toscano
Dominik Schneider
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12114",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T15:39:28.696245Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T15:39:46.781Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BLU-IC2",
"vendor": "Azure Access Technology",
"versions": [
{
"lessThanOrEqual": "1.19.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BLU-IC4",
"vendor": "Azure Access Technology",
"versions": [
{
"lessThanOrEqual": "1.19.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kevin Schaller"
},
{
"lang": "en",
"type": "finder",
"value": "Benjamin Lafois"
},
{
"lang": "en",
"type": "finder",
"value": "Alexi Bitsios"
},
{
"lang": "en",
"type": "finder",
"value": "Sebastian Toscano"
},
{
"lang": "en",
"type": "finder",
"value": "Dominik Schneider"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEnabled\u0026nbsp;\u003c/span\u003eserial console could potentially leak information that might help attacker to find vulnerabilities.\u003cp\u003eThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.\u003c/p\u003e"
}
],
"value": "Enabled\u00a0serial console could potentially leak information that might help attacker to find vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1191",
"description": "CWE-1191: On-Chip Debug and Test Interface With Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T15:29:13.361Z",
"orgId": "a0340c66-c385-4f8b-991b-3d05f6fd5220",
"shortName": "azure-access"
},
"references": [
{
"url": "https://azure-access.com/security-advisories"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Serial Console Enabled",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a0340c66-c385-4f8b-991b-3d05f6fd5220",
"assignerShortName": "azure-access",
"cveId": "CVE-2025-12114",
"datePublished": "2025-10-23T15:29:13.361Z",
"dateReserved": "2025-10-23T15:23:36.517Z",
"dateUpdated": "2025-10-23T15:39:46.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-15083 (GCVE-0-2025-15083)
Vulnerability from cvelistv5 – Published: 2025-12-25 17:32 – Updated: 2025-12-25 17:32
VLAI?
Title
TOZED ZLT M30s UART on-chip debug and test interface with improper access control
Summary
A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
CWE
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TOZED | ZLT M30s |
Affected:
1.0
Affected: 1.1 Affected: 1.2 Affected: 1.3 Affected: 1.4 Affected: 1.5 Affected: 1.6 Affected: 1.7 Affected: 1.8 Affected: 1.9 Affected: 1.10 Affected: 1.11 Affected: 1.12 Affected: 1.13 Affected: 1.14 Affected: 1.15 Affected: 1.16 Affected: 1.17 Affected: 1.18 Affected: 1.19 Affected: 1.20 Affected: 1.21 Affected: 1.22 Affected: 1.23 Affected: 1.24 Affected: 1.25 Affected: 1.26 Affected: 1.27 Affected: 1.28 Affected: 1.29 Affected: 1.30 Affected: 1.31 Affected: 1.32 Affected: 1.33 Affected: 1.34 Affected: 1.35 Affected: 1.36 Affected: 1.37 Affected: 1.38 Affected: 1.39 Affected: 1.40 Affected: 1.41 Affected: 1.42 Affected: 1.43 Affected: 1.44 Affected: 1.45 Affected: 1.46 Affected: 1.47 |
Credits
S33K3R (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"modules": [
"UART Interface"
],
"product": "ZLT M30s",
"vendor": "TOZED",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.3"
},
{
"status": "affected",
"version": "1.4"
},
{
"status": "affected",
"version": "1.5"
},
{
"status": "affected",
"version": "1.6"
},
{
"status": "affected",
"version": "1.7"
},
{
"status": "affected",
"version": "1.8"
},
{
"status": "affected",
"version": "1.9"
},
{
"status": "affected",
"version": "1.10"
},
{
"status": "affected",
"version": "1.11"
},
{
"status": "affected",
"version": "1.12"
},
{
"status": "affected",
"version": "1.13"
},
{
"status": "affected",
"version": "1.14"
},
{
"status": "affected",
"version": "1.15"
},
{
"status": "affected",
"version": "1.16"
},
{
"status": "affected",
"version": "1.17"
},
{
"status": "affected",
"version": "1.18"
},
{
"status": "affected",
"version": "1.19"
},
{
"status": "affected",
"version": "1.20"
},
{
"status": "affected",
"version": "1.21"
},
{
"status": "affected",
"version": "1.22"
},
{
"status": "affected",
"version": "1.23"
},
{
"status": "affected",
"version": "1.24"
},
{
"status": "affected",
"version": "1.25"
},
{
"status": "affected",
"version": "1.26"
},
{
"status": "affected",
"version": "1.27"
},
{
"status": "affected",
"version": "1.28"
},
{
"status": "affected",
"version": "1.29"
},
{
"status": "affected",
"version": "1.30"
},
{
"status": "affected",
"version": "1.31"
},
{
"status": "affected",
"version": "1.32"
},
{
"status": "affected",
"version": "1.33"
},
{
"status": "affected",
"version": "1.34"
},
{
"status": "affected",
"version": "1.35"
},
{
"status": "affected",
"version": "1.36"
},
{
"status": "affected",
"version": "1.37"
},
{
"status": "affected",
"version": "1.38"
},
{
"status": "affected",
"version": "1.39"
},
{
"status": "affected",
"version": "1.40"
},
{
"status": "affected",
"version": "1.41"
},
{
"status": "affected",
"version": "1.42"
},
{
"status": "affected",
"version": "1.43"
},
{
"status": "affected",
"version": "1.44"
},
{
"status": "affected",
"version": "1.45"
},
{
"status": "affected",
"version": "1.46"
},
{
"status": "affected",
"version": "1.47"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "S33K3R (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 1,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.2,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1191",
"description": "On-Chip Debug and Test Interface With Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-25T17:32:06.260Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-338411 | TOZED ZLT M30s UART on-chip debug and test interface with improper access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.338411"
},
{
"name": "VDB-338411 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.338411"
},
{
"name": "Submit #707974 | TOZED ZLT M30s 1.47 Improper Access Control in Debug Interface",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.707974"
},
{
"tags": [
"exploit"
],
"url": "https://hacklab.eu.org/blogs/zlt_m30s_debug_interface"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-25T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-12-25T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-12-25T10:42:28.000Z",
"value": "VulDB entry last update"
}
],
"title": "TOZED ZLT M30s UART on-chip debug and test interface with improper access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15083",
"datePublished": "2025-12-25T17:32:06.260Z",
"dateReserved": "2025-12-25T09:36:38.360Z",
"dateUpdated": "2025-12-25T17:32:06.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-26408 (GCVE-0-2025-26408)
Vulnerability from cvelistv5 – Published: 2025-02-11 09:14 – Updated: 2025-11-03 21:12
VLAI?
Title
Unprotected JTAG Interface
Summary
The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device's firmware. All known versions are affected.
Severity ?
6.1 (Medium)
CWE
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wattsense | Wattsense Bridge |
Affected:
*
|
Credits
Constantin Schieber-Knöbl | SEC Consult Vulnerability Lab
Stefan Schweighofer | SEC Consult Vulnerability Lab
Steffen Robertz | SEC Consult Vulnerability Lab
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-26408",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T14:40:43.535274Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-22T14:41:30.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:12:50.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Feb/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Wattsense Bridge",
"vendor": "Wattsense",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Constantin Schieber-Kn\u00f6bl | SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Stefan Schweighofer | SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Steffen Robertz | SEC Consult Vulnerability Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device\u0027s firmware. All known versions are affected.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device\u0027s firmware. All known versions are affected."
}
],
"impacts": [
{
"capecId": "CAPEC-702",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-702 Exploiting Incorrect Chaining or Granularity of Hardware Debug Components"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1191",
"description": "CWE-1191 On-Chip Debug and Test Interface With Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T09:14:28.700Z",
"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"shortName": "SEC-VLab"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://r.sec-consult.com/wattsense"
},
{
"tags": [
"release-notes"
],
"url": "https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe device is meant to be installed at a restricted access physical location according to the vendor and exploitation requires\u0026nbsp;\u003c/span\u003emore attacker knowledge and higher physical access. The issue will be put in the backlog of the Wattsense team."
}
],
"value": "The device is meant to be installed at a restricted access physical location according to the vendor and exploitation requires\u00a0more attacker knowledge and higher physical access. The issue will be put in the backlog of the Wattsense team."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unprotected JTAG Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"assignerShortName": "SEC-VLab",
"cveId": "CVE-2025-26408",
"datePublished": "2025-02-11T09:14:28.700Z",
"dateReserved": "2025-02-10T07:48:38.352Z",
"dateUpdated": "2025-11-03T21:12:50.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-26409 (GCVE-0-2025-26409)
Vulnerability from cvelistv5 – Published: 2025-02-11 09:15 – Updated: 2025-11-03 21:12
VLAI?
Title
Access to Bootloader and Shell Over Serial Interface
Summary
A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed in recent firmware versions BSP >= 6.4.1.
Severity ?
6.8 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wattsense | Wattsense Bridge |
Affected:
0 , < 6.4.1
(custom)
|
Credits
Constantin Schieber-Knöbl | SEC Consult Vulnerability Lab
Stefan Schweighofer | SEC Consult Vulnerability Lab
Steffen Robertz | SEC Consult Vulnerability Lab
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-26409",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T14:38:08.176508Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1299",
"description": "CWE-1299 Missing Protection Mechanism for Alternate Hardware Interface",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T16:40:45.172Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:12:51.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Feb/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Wattsense Bridge",
"vendor": "Wattsense",
"versions": [
{
"lessThan": "6.4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Constantin Schieber-Kn\u00f6bl | SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Stefan Schweighofer | SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Steffen Robertz | SEC Consult Vulnerability Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed in\u0026nbsp;recent firmware versions BSP \u0026gt;= 6.4.1."
}
],
"value": "A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed in\u00a0recent firmware versions BSP \u003e= 6.4.1."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1299",
"description": "CWE-1299 Missing Protection Mechanism for Alternate Hardware Interface",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1191",
"description": "CWE-1191 On-Chip Debug and Test Interface With Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T09:15:30.131Z",
"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"shortName": "SEC-VLab"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://r.sec-consult.com/wattsense"
},
{
"tags": [
"release-notes"
],
"url": "https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in recent firmware versions BSP \u0026gt;= 6.4.1."
}
],
"value": "This issue is fixed in recent firmware versions BSP \u003e= 6.4.1."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Access to Bootloader and Shell Over Serial Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"assignerShortName": "SEC-VLab",
"cveId": "CVE-2025-26409",
"datePublished": "2025-02-11T09:15:30.131Z",
"dateReserved": "2025-02-10T07:48:38.352Z",
"dateUpdated": "2025-11-03T21:12:51.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-36755 (GCVE-0-2025-36755)
Vulnerability from cvelistv5 – Published: 2025-12-12 14:58 – Updated: 2025-12-13 08:16
VLAI?
Title
CleverDisplay BlueOne unauthorized BIOS access through physical USB keyboard
Summary
The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed and inaccessible under normal operating conditions. Researchers demonstrated that, after cicumventing the device’s protective enclosure, it was possible to connect a USB keyboard and press ESC during boot to access the BIOS setup interface. BIOS settings could be viewed but not modified. This behavior slightly increases the attack surface by exposing internal system information (CWE-1244) once the enclosure is removed, but does not allow integrity or availability compromise under standard or tested configurations.
Severity ?
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CleverDisplay B.V. | BlueOne (CleverDisplay Hardware Player) |
Affected:
12.11.1
(semver)
Unaffected: 12.12.1 , ≤ * (semver) |
Credits
Alwin Warringa, Tom Dantuma, Ruben Meeuwissen, and Ramon Dunker.
Dennis Kussendrager (DIVD)
Victor Pasman (DIVD)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-36755",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-12T18:50:02.532239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-12T18:50:19.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Enclosure / USB keyboard interface / BIOS \u0026 GRUB boot process"
],
"product": "BlueOne (CleverDisplay Hardware Player)",
"vendor": "CleverDisplay B.V.",
"versions": [
{
"status": "affected",
"version": "12.11.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "12.12.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alwin Warringa, Tom Dantuma, Ruben Meeuwissen, and Ramon Dunker."
},
{
"lang": "en",
"type": "analyst",
"value": "Dennis Kussendrager (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Victor Pasman (DIVD)"
}
],
"datePublic": "2025-08-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed and inaccessible under normal operating conditions. Researchers demonstrated that, after cicumventing the device\u2019s protective enclosure, it was possible to connect a USB keyboard and press \u003cstrong\u003eESC\u003c/strong\u003e during boot to access the BIOS setup interface. BIOS settings could be viewed but not modified. This behavior slightly increases the attack surface by exposing internal system information (CWE-1244) once the enclosure is removed, but does not allow integrity or availability compromise under standard or tested configurations."
}
],
"value": "The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed and inaccessible under normal operating conditions. Researchers demonstrated that, after cicumventing the device\u2019s protective enclosure, it was possible to connect a USB keyboard and press ESC during boot to access the BIOS setup interface. BIOS settings could be viewed but not modified. This behavior slightly increases the attack surface by exposing internal system information (CWE-1244) once the enclosure is removed, but does not allow integrity or availability compromise under standard or tested configurations."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Proof-of-concept demonstrated by researchers at WHY2025; exploitation confirmed limited to BIOS access without ability to modify settings.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Proof-of-concept demonstrated by researchers at WHY2025; exploitation confirmed limited to BIOS access without ability to modify settings."
}
],
"impacts": [
{
"capecId": "CAPEC-522",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-522 Malicious Hardware Component Replacement"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "NOT_DEFINED",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 2.4,
"baseSeverity": "LOW",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1244",
"description": "CWE-1244: Internal Asset Exposed to Unsafe Debug Access Level or State",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1191",
"description": "CWE-1191: On-Chip Debug and Test Interface With Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-13T08:16:14.495Z",
"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"shortName": "DIVD"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/CVE-2025-5743/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/DIVD-2025-00043"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "BlueOne firmware version 12.2.1 introduces default BIOS password protection and Secure Boot enablement, preventing unauthorized BIOS access."
}
],
"value": "BlueOne firmware version 12.2.1 introduces default BIOS password protection and Secure Boot enablement, preventing unauthorized BIOS access."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CleverDisplay BlueOne unauthorized BIOS access through physical USB keyboard",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"assignerShortName": "DIVD",
"cveId": "CVE-2025-36755",
"datePublished": "2025-12-12T14:58:22.970Z",
"dateReserved": "2025-04-15T21:54:36.815Z",
"dateUpdated": "2025-12-13T08:16:14.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-47819 (GCVE-0-2025-47819)
Vulnerability from cvelistv5 – Published: 2025-06-27 00:00 – Updated: 2025-09-02 16:24
VLAI?
Summary
Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control.
Severity ?
6.4 (Medium)
CWE
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Flock Safety | Gunshot Detection devices |
Affected:
0 , < 1.3
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-30T18:51:49.384704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-30T18:55:02.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Gunshot Detection devices",
"vendor": "Flock Safety",
"versions": [
{
"lessThan": "1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1191",
"description": "CWE-1191 On-Chip Debug and Test Interface With Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T16:24:24.424Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flocksafety.com/articles/gunshot-detection-and-license-plate-reader-security-alert"
},
{
"url": "https://gainsec.com/2025/06/19/bird-hunting-season-security-research-on-flock-safety-anti-crime-systems/"
},
{
"url": "https://gainsec.com/wp-content/uploads/2025/06/flock-safety-researcher-summary.pdf"
},
{
"url": "https://gainsec.com/2025/06/19/plucked-and-rooted-device-1-debug-shell-on-flock-safetys-raven-gunshot-detection-system/"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-47819",
"datePublished": "2025-06-27T00:00:00.000Z",
"dateReserved": "2025-05-10T00:00:00.000Z",
"dateUpdated": "2025-09-02T16:24:24.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- If feasible, the manufacturer should disable the JTAG interface or implement authentication and authorization for the JTAG interface. If authentication logic is added, it should be resistant to timing attacks. Security-sensitive data stored in registers, such as keys, etc. should be cleared when entering debug mode.
CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality; particularly URL's for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they otherwise not supposed to.
CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels
An attacker exploits a weakness in the configuration of access controls and is able to bypass the intended protection that these measures guard against and thereby obtain unauthorized access to the system or network. Sensitive functionality should always be protected with access controls. However configuring all but the most trivial access control systems can be very complicated and there are many opportunities for mistakes. If an attacker can learn of incorrectly configured access security settings, they may be able to exploit this in an attack.