3 matches found
CVE-2023-31190 Missing TLS (HTTPS) certificate validation during firmware update in DroneScout ds230 Remote ID receiver from BlueMark Innovations
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which t...
CVE-2023-31190
DroneScout ds230 firmware update vulnerability (CVE-2023-31190) is caused by the update procedure not validating the HTTPS TLS certificate, enabling MITM to deliver crafted firmware and gain root on vulnerable firmware versions. Affected firmwares: 20211210-1627 through 20230329-1042. Documented ...
CVE-2023-31190 Missing TLS (HTTPS) certificate validation during firmware update in DroneScout ds230 Remote ID receiver from BlueMark Innovations
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which t...