CVE-2023-31279
Improper Authentication
The AirVantage platform is vulnerable to an unauthorized attacker registering previously unregistered
devices on the AirVantage platform when the owner has not disabled the AirVantage Management
Service on the devices or registered the device. This could enable an attacker to configure, manage,
and execute AT commands on an unsuspecting user’s devices.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Affected products
Sierra Wireless · AirVantage, AirVantage-Capable Devices: All Sierra Wireless devices.Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →