CVE-2023-31279
Improper Authentication
The AirVantage platform is vulnerable to an unauthorized attacker registering previously unregistered
devices on the AirVantage platform when the owner has not disabled the AirVantage Management
Service on the devices or registered the device. This could enable an attacker to configure, manage,
and execute AT commands on an unsuspecting user’s devices.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Productos afectados
Sierra Wireless · AirVantage, AirVantage-Capable Devices: All Sierra Wireless devices.¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →