Lucene search

CERT-PLCVELIST:CVE-2023-42135

HistoryJan 15, 2024 - 1:28 p.m.

CVE-2023-42135

2024-01-1513:28:55

CWE-20

CERT-PL

www.cve.org

pax a920pro

a50

local code execution

parameter injection

input validation

usb access

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

26.1%

JSON

PAX A920Pro/A50 devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow local code execution via parameter injection by bypassing the input validation when flashing a specific partition.

The attacker must have physical USB access to the device in order to exploit this vulnerability.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "A920 Pro",
    "vendor": "PAX Technology",
    "versions": [
      {
        "lessThanOrEqual": "11.1.50_20230614",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "A50",
    "vendor": "PAX Technology",
    "versions": [
      {
        "lessThanOrEqual": "11.1.50_20230614",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

blog.stmcyber.com/pax-pos-cves-2023/

cert.pl/en/posts/2024/01/CVE-2023-4818/

cert.pl/posts/2024/01/CVE-2023-4818/

ppn.paxengine.com/release/development

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

26.1%

JSON

Related for CVELIST:CVE-2023-42135