CVE-2023-4818
7.6
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used.
The attacker must have physical USB access to the device in order to exploit this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| PAX Technology | A920 | 0 < A920_AP_Boot_Release_V5.14 | affected |
Weaknesses
- CWE-74: CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
ADP Enrichment
CVE Program Container
Additional References
- https://ppn.paxengine.com/release/development
- https://blog.stmcyber.com/pax-pos-cves-2023/
- https://cert.pl/en/posts/2024/01/CVE-2023-4818/
- https://cert.pl/posts/2024/01/CVE-2023-4818/
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://ppn.paxengine.com/release/development
- https://blog.stmcyber.com/pax-pos-cves-2023/
- https://cert.pl/en/posts/2024/01/CVE-2023-4818/
- https://cert.pl/posts/2024/01/CVE-2023-4818/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.