Lucene search

[email protected]NVD:CVE-2024-28326

HistoryApr 26, 2024 - 8:15 p.m.

CVE-2024-28326

2024-04-2620:15:07

CWE-1263

[email protected]

web.nvd.nist.gov

access control

local attackers

root terminal

uart interface

asus rt-n12+ b1 routers

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.3

Confidence

Low

EPSS

Percentile

9.0%

JSON

Incorrect Access Control in Asus RT-N12+ B1 routers allows local attackers to obtain root terminal access via the the UART interface.

References

asus.com

github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Privilege-Escalation-CVE%E2%80%902024%E2%80%9028326

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.3

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2024-28326

cvelist1 cve1 vulnrichment1