CVE-2024-13870 Unauthenticated Firmware Downgrade in Bitdefender Box v1
An improper access control vulnerability exists in Bitdefender Box 1 firmware version 1.3.52.928 and below that allows an unauthenticated attacker to downgrade the device's firmware to an older, potentially vulnerable version of a Bitdefender-signed firmware. The attack requires Bitdefender BOX t...