Lucene search

[email protected]NVD:CVE-2023-48424

HistoryDec 11, 2023 - 6:15 a.m.

CVE-2023-48424

2023-12-1106:15:42

[email protected]

web.nvd.nist.gov

u-boot shell

privilege escalation

vulnerability

production device

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

26.2%

JSON

U-Boot shell vulnerability resulting in Privilege escalation in a production device

Affected configurations

Nvd

Node

googlechromecast_firmwareRange<2023-10-01

AND

googlechromecastMatch-

VendorProductVersionCPE
googlechromecast_firmware*cpe:2.3:o:google:chromecast_firmware:*:*:*:*:*:*:*:*
googlechromecast-cpe:2.3:h:google:chromecast:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	chromecast_firmware	*	cpe:2.3:o:google:chromecast_firmware::::::::
google	chromecast	-	cpe:2.3:h:google:chromecast:-:::::::*

References

source.android.com/docs/security/bulletin/chromecast/2023-12-01

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

26.2%

JSON

Related for NVD:CVE-2023-48424

cve1 prion1 cvelist1