CVE-2022-43096

Exploit

EPSS 0.12%
Veröffentlicht 17.11.2022 23:15:23
Zuletzt bearbeitet 30.04.2025 15:15:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Mediatrix 4102 before v48.5.2718 allows local attackers to gain root access via the UART port.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

M5t ≫ Mediatrix 4102s Firmware Version < 48.5.2718

M5t ≫ Mediatrix 4102s Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.324

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.8	0.9	5.9	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-1191 On-Chip Debug and Test Interface With Improper Access Control

The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.

https://documentation.media5corp.com/display/MP/DGW+Security+Improvement+Notes+v48.5.2718

Vendor Advisory

Release Notes

https://github.com/ProxyStaffy/Mediatrix-CVE-2022-43096

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2022-43096

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-43096

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-43096

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-43096