PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used.
The attacker must have physical USB access to the device in order to exploit this vulnerability.
References
Link | Resource |
---|---|
https://blog.stmcyber.com/pax-pos-cves-2023/ | Exploit Third Party Advisory |
https://cert.pl/en/posts/2024/01/CVE-2023-4818/ | Third Party Advisory |
https://cert.pl/posts/2024/01/CVE-2023-4818/ | Third Party Advisory |
https://ppn.paxengine.com/release/development | Permissions Required |
https://blog.stmcyber.com/pax-pos-cves-2023/ | Exploit Third Party Advisory |
https://cert.pl/en/posts/2024/01/CVE-2023-4818/ | Third Party Advisory |
https://cert.pl/posts/2024/01/CVE-2023-4818/ | Third Party Advisory |
https://ppn.paxengine.com/release/development | Permissions Required |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 08:36
Type | Values Removed | Values Added |
---|---|---|
References | () https://blog.stmcyber.com/pax-pos-cves-2023/ - Exploit, Third Party Advisory | |
References | () https://cert.pl/en/posts/2024/01/CVE-2023-4818/ - Third Party Advisory | |
References | () https://cert.pl/posts/2024/01/CVE-2023-4818/ - Third Party Advisory | |
References | () https://ppn.paxengine.com/release/development - Permissions Required |
10 Oct 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used. The attacker must have physical USB access to the device in order to exploit this vulnerability. | |
CWE |
19 Jan 2024, 16:35
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:paxtechnology:paydroid:7.1.2_aquarius_11.1.50_20230614:*:*:*:*:*:*:* cpe:2.3:h:paxtechnology:a920:-:*:*:*:*:*:*:* |
|
References | () https://ppn.paxengine.com/release/development - Permissions Required | |
References | () https://blog.stmcyber.com/pax-pos-cves-2023/ - Exploit, Third Party Advisory | |
References | () https://cert.pl/en/posts/2024/01/CVE-2023-4818/ - Third Party Advisory | |
References | () https://cert.pl/posts/2024/01/CVE-2023-4818/ - Third Party Advisory | |
CWE | CWE-74 | |
First Time |
Paxtechnology paydroid
Paxtechnology Paxtechnology a920 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.6 |
15 Jan 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-15 14:15
Updated : 2024-11-21 08:36
NVD link : CVE-2023-4818
Mitre link : CVE-2023-4818
CVE.ORG link : CVE-2023-4818
JSON object : View
Products Affected
paxtechnology
- a920
- paydroid
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')