CVE-2023-2626

🗓️ 25 Jul 2023 17:07:02Reported by GoogleType

CVE-2023-2626: Authentication bypass vulnerability in OpenThread border router devices and implementations, allowing unauthenticated nodes to craft radio frames using "Key ID Mode 2" for arbitrary IP packets on Thread network

Reporter	Title	Published	Views	Family All 9
CNNVD	Google Nest 授权问题漏洞	25 Jul 202300:00	–	cnnvd
Cvelist	CVE-2023-2626 Authentication Bypass in OpenThread Boarder Router devices	25 Jul 202317:07	–	cvelist
EUVD	EUVD-2023-34097	3 Oct 202520:07	–	euvd
NVD	CVE-2023-2626	25 Jul 202318:15	–	nvd
OSV	CVE-2023-2626	25 Jul 202318:15	–	osv
Prion	Authentication flaw	25 Jul 202318:15	–	prion
Positive Technologies	PT-2023-20568 · Unknown · Openthread	25 Jul 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-2626	23 May 202501:53	–	redhatcve
Vulnrichment	CVE-2023-2626 Authentication Bypass in OpenThread Boarder Router devices	25 Jul 202317:07	–	vulnrichment

NVD

Vulners

Vulnrichment

Node

google nest_hub_max_firmwareRange10.20221207.2.109–10.20221207.2.120

AND

google nest_hub_maxMatch-

Node

google nest_hub_firmwareRange10.20221207.2.100038–10.20221207.2.100042

AND

google nest_hubMatch-

Node

google wifi_firmwareRange14150.881.7–14150.882.9

AND

google wifiMatch-

Node

google nest_wifi_point_firmwareRange1.56.1–1.56.368671

AND

google nest_wifi_pointMatch-

Node

google nest_wifi_6e_firmwareRange1.59–1.63.355999

AND

google nest_wifi_6eMatch-

[
  {
    "defaultStatus": "unaffected",
    "product": "Nest Hub Max",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "10.20221207.2.120",
        "status": "affected",
        "version": "10.20221207.2.109",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Nest Hub (2nd. gen) w/ Sleep Tracking",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "10.20221207.2.100042",
        "status": "affected",
        "version": "10.20221207.2.100038",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Nest Wifi 6E",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "1.63.355999",
        "status": "affected",
        "version": "1.59",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Google Wifi (next gen)",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "14150.882.9",
        "status": "affected",
        "version": "14150.881.7",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Nest Wifi Point",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "1.56.368671",
        "status": "affected",
        "version": "1.56.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Nest Hub Max",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "10.20221207.2.120",
        "status": "affected",
        "version": "10.20221207.2.109",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Nest Hub (2nd. gen) w/ Sleep Tracking",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "10.20221207.2.100042",
        "status": "affected",
        "version": "10.20221207.2.100038",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
support	www.support.google.com/product-documentation/answer/13588832

21 Nov 2024 07:58Current

8.4High risk

Vulners AI Score8.4

CVSS 3.17.5 - 8.8

EPSS0.0001

SSVC

CWE-287