exploitDog

CVE-2023-31279

Опубликовано: 21 дек. 2024

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

The AirVantage platform is vulnerable to an unauthorized attacker registering previously unregistered devices on the AirVantage platform when the owner has not disabled the AirVantage Management Service on the devices or registered the device. This could enable an attacker to configure, manage, and execute AT commands on an unsuspecting user’s devices.

Ссылки

https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-002/

EPSS

Процентиль: 31%

0.00115

Низкий

8.1 High

CVSS3

Дефекты

CWE-287

Связанные уязвимости

GHSA-pq62-7rf2-mhcm

CVSS3: 8.1

github

около 1 года назад

The AirVantage platform is vulnerable to an unauthorized attacker registering previously unregistered devices on the AirVantage platform when the owner has not disabled the AirVantage Management Service on the devices or registered the device. This could enable an attacker to configure, manage, and execute AT commands on an unsuspecting user’s devices.

EPSS

Процентиль: 31%

0.00115

Низкий

8.1 High

CVSS3

Дефекты

CWE-287