CVSS3

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | HIGH |

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score confidence: High

EPSS percentile: 73.6%

Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the firmware and does not verify it using a public-private key mechanism. Without a complete PKI-based firmware signature check, attackers could upload arbitrary firmware updates, resulting in code execution.

Vendor | Product | Version | CPE |
---|---|---|---|
control4 | ca-1 | - | cpe:2.3:h:control4:ca-1:-:*:*:*:*:*:*:* |
control4 | ca-10 | - | cpe:2.3:h:control4:ca-10:-:*:*:*:*:*:*:* |
control4 | ea-1 | - | cpe:2.3:h:control4:ea-1:-:*:*:*:*:*:*:* |
control4 | ea-3 | - | cpe:2.3:h:control4:ea-3:-:*:*:*:*:*:*:* |
control4 | ea-5 | - | cpe:2.3:h:control4:ea-5:-:*:*:*:*:*:*:* |
snapone | an-110-rt-2l1w | - | cpe:2.3:h:snapone:an-110-rt-2l1w:-:*:*:*:*:*:*:* |
snapone | an-110-rt-2l1w-wifi | - | cpe:2.3:h:snapone:an-110-rt-2l1w-wifi:-:*:*:*:*:*:*:* |
snapone | an-310-rt-4l2w | - | cpe:2.3:h:snapone:an-310-rt-4l2w:-:*:*:*:*:*:*:* |
snapone | ovrc-300-pro | - | cpe:2.3:h:snapone:ovrc-300-pro:-:*:*:*:*:*:*:* |
snapone | pakedge_rk-1 | - | cpe:2.3:h:snapone:pakedge_rk-1:-:*:*:*:*:*:*:* |

[
  {
    "defaultStatus": "unaffected",
    "product": "OvrC Cloud",
    "vendor": "Snap One",
    "versions": [
      {
        "lessThan": "7.3",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]