Search criteria
18 vulnerabilities found for chromecast_firmware by google
FKIE_CVE-2023-48426
Vulnerability from fkie_nvd - Published: 2024-04-05 16:15 - Updated: 2025-07-24 15:24
Severity ?
Summary
u-boot bug that allows for u-boot shell and interrupt over UART
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chromecast_firmware | 5.0 | ||
| chromecast_ga00439 | - | ||
| chromecast_ga3a00403a14 | - | ||
| chromecast_h2g2-42 | - | ||
| chromecast_nc2-645b | - | ||
| chromecast_nc2-6a5 | - | ||
| chromecast_nc2-6a5-d | - | ||
| chromecast_rux-j42 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:chromecast_firmware:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B39E63-B665-4042-801B-23EEECED38A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:chromecast_ga00439:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCCDC97A-2175-4C02-97FF-6FBDDFFA65A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:chromecast_ga3a00403a14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81750BB6-741E-4C51-889F-CB702BDF8599",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:chromecast_h2g2-42:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EB854C0-ED97-4A95-B455-2C149D97AAE3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:chromecast_nc2-645b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5473F11C-A665-4D1B-BC65-2E77BDCA66E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:chromecast_nc2-6a5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D19DFC9-EA87-46F4-AB71-8E3B65F81D52",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:chromecast_nc2-6a5-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A210F74A-CBB9-4E6E-9815-DDDECA824372",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:chromecast_rux-j42:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA7AD970-F23F-4B58-A643-5347FF56D5B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "u-boot bug that allows for u-boot shell and interrupt over UART\n"
},
{
"lang": "es",
"value": "Error de u-boot que permite el shell u-boot y la interrupci\u00f3n a trav\u00e9s de UART"
}
],
"id": "CVE-2023-48426",
"lastModified": "2025-07-24T15:24:07.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "dsap-vuln-management@google.com",
"type": "Secondary"
}
]
},
"published": "2024-04-05T16:15:07.580",
"references": [
{
"source": "dsap-vuln-management@google.com",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"sourceIdentifier": "dsap-vuln-management@google.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-48424
Vulnerability from fkie_nvd - Published: 2023-12-11 06:15 - Updated: 2024-11-21 08:31
Severity ?
Summary
U-Boot shell vulnerability resulting in Privilege escalation in a production device
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chromecast_firmware | * | ||
| chromecast | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:chromecast_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE9FBBE-6CAD-4FBB-81AE-38F54D5CF228",
"versionEndExcluding": "2023-10-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:chromecast:-:*:*:*:*:*:*:*",
"matchCriteriaId": "256DBC65-47FC-4E97-AD1B-659F3B239AFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "U-Boot shell vulnerability resulting in Privilege escalation in a production device"
},
{
"lang": "es",
"value": "Vulnerabilidad del shell U-Boot que provoca una escalada de privilegios en un dispositivo de producci\u00f3n"
}
],
"id": "CVE-2023-48424",
"lastModified": "2024-11-21T08:31:41.720",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-11T06:15:42.767",
"references": [
{
"source": "dsap-vuln-management@google.com",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"sourceIdentifier": "dsap-vuln-management@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-48417
Vulnerability from fkie_nvd - Published: 2023-12-11 06:15 - Updated: 2024-11-21 08:31
Severity ?
Summary
Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chromecast_firmware | * | ||
| chromecast | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:chromecast_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE9FBBE-6CAD-4FBB-81AE-38F54D5CF228",
"versionEndExcluding": "2023-10-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:chromecast:-:*:*:*:*:*:*:*",
"matchCriteriaId": "256DBC65-47FC-4E97-AD1B-659F3B239AFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application"
},
{
"lang": "es",
"value": "Verificaciones de permisos faltantes que resultan en acceso no autorizado y manipulaci\u00f3n en la aplicaci\u00f3n KeyChainActivity"
}
],
"id": "CVE-2023-48417",
"lastModified": "2024-11-21T08:31:40.457",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-11T06:15:42.667",
"references": [
{
"source": "dsap-vuln-management@google.com",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"sourceIdentifier": "dsap-vuln-management@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-48425
Vulnerability from fkie_nvd - Published: 2023-12-11 06:15 - Updated: 2025-05-27 15:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
U-Boot vulnerability resulting in persistent Code Execution
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chromecast_firmware | * | ||
| chromecast | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:chromecast_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE9FBBE-6CAD-4FBB-81AE-38F54D5CF228",
"versionEndExcluding": "2023-10-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:chromecast:-:*:*:*:*:*:*:*",
"matchCriteriaId": "256DBC65-47FC-4E97-AD1B-659F3B239AFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "U-Boot vulnerability resulting in persistent Code Execution\u00a0"
},
{
"lang": "es",
"value": "Vulnerabilidad de U-Boot que resulta en una ejecuci\u00f3n de c\u00f3digo persistente"
}
],
"id": "CVE-2023-48425",
"lastModified": "2025-05-27T15:15:31.120",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-12-11T06:15:42.813",
"references": [
{
"source": "dsap-vuln-management@google.com",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"sourceIdentifier": "dsap-vuln-management@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-6181
Vulnerability from fkie_nvd - Published: 2023-12-11 06:15 - Updated: 2024-11-21 08:43
Severity ?
Summary
An oversight in BCB handling of reboot reason that allows for persistent code execution
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chromecast_firmware | * | ||
| chromecast | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:chromecast_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE9FBBE-6CAD-4FBB-81AE-38F54D5CF228",
"versionEndExcluding": "2023-10-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:chromecast:-:*:*:*:*:*:*:*",
"matchCriteriaId": "256DBC65-47FC-4E97-AD1B-659F3B239AFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An oversight in BCB handling of reboot reason that allows for persistent code execution"
},
{
"lang": "es",
"value": "Un descuido en el manejo del BCB del motivo de reinicio que permite la ejecuci\u00f3n persistente del c\u00f3digo."
}
],
"id": "CVE-2023-6181",
"lastModified": "2024-11-21T08:43:18.390",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-11T06:15:42.893",
"references": [
{
"source": "dsap-vuln-management@google.com",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"sourceIdentifier": "dsap-vuln-management@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-12716
Vulnerability from fkie_nvd - Published: 2018-06-25 02:29 - Updated: 2024-11-21 03:45
Severity ?
Summary
The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chromecast_firmware | - | ||
| chromecast | - | ||
| home_firmware | - | ||
| home | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:chromecast_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "134970F5-6E61-445C-8D2E-D949B7FE1214",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:chromecast:-:*:*:*:*:*:*:*",
"matchCriteriaId": "256DBC65-47FC-4E97-AD1B-659F3B239AFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:home_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB2CCA0-DF27-47F2-9BFE-8E20372F8D14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:home:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432EEFBF-0A5C-4271-A192-E25E60838844",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request."
},
{
"lang": "es",
"value": "El servicio API en dispositivos Google Home y Chromecast anteriores a mediados de julio de 2018 no evita ataques de reenlace DNS al leer los datos JSON scan_results. Esto permite que atacantes remotos determinen la ubicaci\u00f3n f\u00edsica de la mayor parte de navegadores web aprovechando la presencia de uno de estos dispositivos en su red local, extrayendo los campos bssid scan_results y envi\u00e1ndolos en una petici\u00f3n geolocation/v1/geolocate de la API Geolocation de Google Maps."
}
],
"id": "CVE-2018-12716",
"lastModified": "2024-11-21T03:45:43.903",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-25T02:29:00.223",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/"
},
{
"source": "cve@mitre.org",
"url": "https://medium.com/%40brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://medium.com/%40brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-48426 (GCVE-0-2023-48426)
Vulnerability from cvelistv5 – Published: 2024-04-05 15:23 – Updated: 2025-03-28 18:58
VLAI?
Summary
u-boot bug that allows for u-boot shell and interrupt over UART
Severity ?
10 (Critical)
CWE
- compromise user data
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Chromecast |
Affected:
5.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:35.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:google:chromecast:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "chromecast",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48426",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T21:14:12.255337Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T18:58:40.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Chromecast",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eu-boot bug that allows for u-boot shell and interrupt over UART\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "u-boot bug that allows for u-boot shell and interrupt over UART\n"
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "compromise user data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T15:23:06.880Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Chromecast Bootloader \u0026 Kernel-level code-execution including compromise of user-data",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-48426",
"datePublished": "2024-04-05T15:23:06.880Z",
"dateReserved": "2023-11-16T16:28:09.702Z",
"dateUpdated": "2025-03-28T18:58:40.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6181 (GCVE-0-2023-6181)
Vulnerability from cvelistv5 – Published: 2023-12-11 05:17 – Updated: 2024-08-02 08:21
VLAI?
Summary
An oversight in BCB handling of reboot reason that allows for persistent code execution
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An oversight in BCB handling of reboot reason that allows for persistent code execution"
}
],
"value": "An oversight in BCB handling of reboot reason that allows for persistent code execution"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-11T05:17:05.043Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-6181",
"datePublished": "2023-12-11T05:17:05.043Z",
"dateReserved": "2023-11-16T19:53:59.529Z",
"dateUpdated": "2024-08-02T08:21:17.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48425 (GCVE-0-2023-48425)
Vulnerability from cvelistv5 – Published: 2023-12-11 05:15 – Updated: 2025-05-27 14:44
VLAI?
Summary
U-Boot vulnerability resulting in persistent Code Execution
Severity ?
9.8 (Critical)
CWE
- Remote code execution
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48425",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T14:42:59.782986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-27T14:44:28.733Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "U-Boot vulnerability resulting in persistent Code Execution\u0026nbsp;"
}
],
"value": "U-Boot vulnerability resulting in persistent Code Execution\u00a0"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-11T05:15:59.638Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-48425",
"datePublished": "2023-12-11T05:15:59.638Z",
"dateReserved": "2023-11-16T16:28:09.702Z",
"dateUpdated": "2025-05-27T14:44:28.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48424 (GCVE-0-2023-48424)
Vulnerability from cvelistv5 – Published: 2023-12-11 05:13 – Updated: 2024-08-02 21:30
VLAI?
Summary
U-Boot shell vulnerability resulting in Privilege escalation in a production device
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "U-Boot shell vulnerability resulting in Privilege escalation in a production device"
}
],
"value": "U-Boot shell vulnerability resulting in Privilege escalation in a production device"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-11T05:13:01.011Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-48424",
"datePublished": "2023-12-11T05:13:01.011Z",
"dateReserved": "2023-11-16T16:28:09.702Z",
"dateUpdated": "2024-08-02T21:30:34.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48417 (GCVE-0-2023-48417)
Vulnerability from cvelistv5 – Published: 2023-12-11 05:09 – Updated: 2024-08-02 21:30
VLAI?
Summary
Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application"
}
],
"value": "Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-11T05:09:59.659Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-48417",
"datePublished": "2023-12-11T05:09:48.557Z",
"dateReserved": "2023-11-16T16:28:09.701Z",
"dateUpdated": "2024-08-02T21:30:34.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12716 (GCVE-0-2018-12716)
Vulnerability from cvelistv5 – Published: 2018-06-25 02:00 – Updated: 2024-09-17 01:15
VLAI?
Summary
The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:45:02.304Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-25T02:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12716",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/",
"refsource": "MISC",
"url": "https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/"
},
{
"name": "https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325",
"refsource": "MISC",
"url": "https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325"
},
{
"name": "https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/",
"refsource": "MISC",
"url": "https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/"
},
{
"name": "https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home/",
"refsource": "MISC",
"url": "https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-12716",
"datePublished": "2018-06-25T02:00:00Z",
"dateReserved": "2018-06-24T00:00:00Z",
"dateUpdated": "2024-09-17T01:15:52.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48426 (GCVE-0-2023-48426)
Vulnerability from nvd – Published: 2024-04-05 15:23 – Updated: 2025-03-28 18:58
VLAI?
Summary
u-boot bug that allows for u-boot shell and interrupt over UART
Severity ?
10 (Critical)
CWE
- compromise user data
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Chromecast |
Affected:
5.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:35.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:google:chromecast:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "chromecast",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48426",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T21:14:12.255337Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T18:58:40.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Chromecast",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eu-boot bug that allows for u-boot shell and interrupt over UART\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "u-boot bug that allows for u-boot shell and interrupt over UART\n"
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "compromise user data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T15:23:06.880Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Chromecast Bootloader \u0026 Kernel-level code-execution including compromise of user-data",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-48426",
"datePublished": "2024-04-05T15:23:06.880Z",
"dateReserved": "2023-11-16T16:28:09.702Z",
"dateUpdated": "2025-03-28T18:58:40.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6181 (GCVE-0-2023-6181)
Vulnerability from nvd – Published: 2023-12-11 05:17 – Updated: 2024-08-02 08:21
VLAI?
Summary
An oversight in BCB handling of reboot reason that allows for persistent code execution
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An oversight in BCB handling of reboot reason that allows for persistent code execution"
}
],
"value": "An oversight in BCB handling of reboot reason that allows for persistent code execution"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-11T05:17:05.043Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-6181",
"datePublished": "2023-12-11T05:17:05.043Z",
"dateReserved": "2023-11-16T19:53:59.529Z",
"dateUpdated": "2024-08-02T08:21:17.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48425 (GCVE-0-2023-48425)
Vulnerability from nvd – Published: 2023-12-11 05:15 – Updated: 2025-05-27 14:44
VLAI?
Summary
U-Boot vulnerability resulting in persistent Code Execution
Severity ?
9.8 (Critical)
CWE
- Remote code execution
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48425",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T14:42:59.782986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-27T14:44:28.733Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "U-Boot vulnerability resulting in persistent Code Execution\u0026nbsp;"
}
],
"value": "U-Boot vulnerability resulting in persistent Code Execution\u00a0"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-11T05:15:59.638Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-48425",
"datePublished": "2023-12-11T05:15:59.638Z",
"dateReserved": "2023-11-16T16:28:09.702Z",
"dateUpdated": "2025-05-27T14:44:28.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48424 (GCVE-0-2023-48424)
Vulnerability from nvd – Published: 2023-12-11 05:13 – Updated: 2024-08-02 21:30
VLAI?
Summary
U-Boot shell vulnerability resulting in Privilege escalation in a production device
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "U-Boot shell vulnerability resulting in Privilege escalation in a production device"
}
],
"value": "U-Boot shell vulnerability resulting in Privilege escalation in a production device"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-11T05:13:01.011Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-48424",
"datePublished": "2023-12-11T05:13:01.011Z",
"dateReserved": "2023-11-16T16:28:09.702Z",
"dateUpdated": "2024-08-02T21:30:34.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48417 (GCVE-0-2023-48417)
Vulnerability from nvd – Published: 2023-12-11 05:09 – Updated: 2024-08-02 21:30
VLAI?
Summary
Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application"
}
],
"value": "Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-11T05:09:59.659Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-12-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-48417",
"datePublished": "2023-12-11T05:09:48.557Z",
"dateReserved": "2023-11-16T16:28:09.701Z",
"dateUpdated": "2024-08-02T21:30:34.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12716 (GCVE-0-2018-12716)
Vulnerability from nvd – Published: 2018-06-25 02:00 – Updated: 2024-09-17 01:15
VLAI?
Summary
The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:45:02.304Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-25T02:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12716",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/",
"refsource": "MISC",
"url": "https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/"
},
{
"name": "https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325",
"refsource": "MISC",
"url": "https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325"
},
{
"name": "https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/",
"refsource": "MISC",
"url": "https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/"
},
{
"name": "https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home/",
"refsource": "MISC",
"url": "https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-12716",
"datePublished": "2018-06-25T02:00:00Z",
"dateReserved": "2018-06-24T00:00:00Z",
"dateUpdated": "2024-09-17T01:15:52.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}