Описание
In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus inject and execute arbitrary code and gain full access of the device.
Ссылки
- MitigationVendor Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:sprecher-automation:sprecon-e-p_dq6-1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sprecher-automation:sprecon-e-p_dq6-1:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:sprecher-automation:sprecon-e-p_dl6-1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sprecher-automation:sprecon-e-p_dl6-1:-:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
cpe:2.3:o:sprecher-automation:sprecon-e-p_ds6-0_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sprecher-automation:sprecon-e-p_ds6-0:-:*:*:*:*:*:*:*
Конфигурация 4
Одновременно
cpe:2.3:o:sprecher-automation:sprecon-e-c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sprecher-automation:sprecon-e-c:-:*:*:*:*:*:*:*
Конфигурация 5
Одновременно
cpe:2.3:o:sprecher-automation:sprecon-e-t3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sprecher-automation:sprecon-e-t3:-:*:*:*:*:*:*:*
Конфигурация 6
Одновременно
cpe:2.3:o:sprecher-automation:sprecon-e-tc_ax-3110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sprecher-automation:sprecon-e-tc_ax-3110:-:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00047
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-20
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.8
github
больше 2 лет назад
In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus inject and execute arbitrary code and gain full access of the device.
EPSS
Процентиль: 14%
0.00047
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-20
NVD-CWE-noinfo