CVE-2023-28386
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
73.6%
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the firmware and does not check using a private-public key mechanism. The lack of complete PKI system firmware signature could allow attackers to upload arbitrary firmware updates, resulting in code execution.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| control4 | ca-1 | - | cpe:2.3:h:control4:ca-1:-:*:*:*:*:*:*:* |
| control4 | ca-10 | - | cpe:2.3:h:control4:ca-10:-:*:*:*:*:*:*:* |
| control4 | ea-1 | - | cpe:2.3:h:control4:ea-1:-:*:*:*:*:*:*:* |
| control4 | ea-3 | - | cpe:2.3:h:control4:ea-3:-:*:*:*:*:*:*:* |
| control4 | ea-5 | - | cpe:2.3:h:control4:ea-5:-:*:*:*:*:*:*:* |
| snapone | an-110-rt-2l1w | - | cpe:2.3:h:snapone:an-110-rt-2l1w:-:*:*:*:*:*:*:* |
| snapone | an-110-rt-2l1w-wifi | - | cpe:2.3:h:snapone:an-110-rt-2l1w-wifi:-:*:*:*:*:*:*:* |
| snapone | an-310-rt-4l2w | - | cpe:2.3:h:snapone:an-310-rt-4l2w:-:*:*:*:*:*:*:* |
| snapone | ovrc-300-pro | - | cpe:2.3:h:snapone:ovrc-300-pro:-:*:*:*:*:*:*:* |
| snapone | pakedge_rk-1 | - | cpe:2.3:h:snapone:pakedge_rk-1:-:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
73.6%