CVE-2023-4818

PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used.  The attacker must have physical USB access to the device in order to exploit this vulnerability.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:paxtechnology:paydroid:7.1.2_aquarius_11.1.50_20230614:*:*:*:*:*:*:*
cpe:2.3:h:paxtechnology:a920:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:36

Type Values Removed Values Added
References () https://blog.stmcyber.com/pax-pos-cves-2023/ - Exploit, Third Party Advisory () https://blog.stmcyber.com/pax-pos-cves-2023/ - Exploit, Third Party Advisory
References () https://cert.pl/en/posts/2024/01/CVE-2023-4818/ - Third Party Advisory () https://cert.pl/en/posts/2024/01/CVE-2023-4818/ - Third Party Advisory
References () https://cert.pl/posts/2024/01/CVE-2023-4818/ - Third Party Advisory () https://cert.pl/posts/2024/01/CVE-2023-4818/ - Third Party Advisory
References () https://ppn.paxengine.com/release/development - Permissions Required () https://ppn.paxengine.com/release/development - Permissions Required

10 Oct 2024, 16:15

Type Values Removed Values Added
Summary (en) PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used.  The attacker must have physical USB access to the device in order to exploit this vulnerability. (en) PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used.  The attacker must have physical USB access to the device in order to exploit this vulnerability.
CWE CWE-20

19 Jan 2024, 16:35

Type Values Removed Values Added
CPE cpe:2.3:o:paxtechnology:paydroid:7.1.2_aquarius_11.1.50_20230614:*:*:*:*:*:*:*
cpe:2.3:h:paxtechnology:a920:-:*:*:*:*:*:*:*
References () https://ppn.paxengine.com/release/development - () https://ppn.paxengine.com/release/development - Permissions Required
References () https://blog.stmcyber.com/pax-pos-cves-2023/ - () https://blog.stmcyber.com/pax-pos-cves-2023/ - Exploit, Third Party Advisory
References () https://cert.pl/en/posts/2024/01/CVE-2023-4818/ - () https://cert.pl/en/posts/2024/01/CVE-2023-4818/ - Third Party Advisory
References () https://cert.pl/posts/2024/01/CVE-2023-4818/ - () https://cert.pl/posts/2024/01/CVE-2023-4818/ - Third Party Advisory
CWE CWE-74
First Time Paxtechnology paydroid
Paxtechnology
Paxtechnology a920
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.6

15 Jan 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-15 14:15

Updated : 2024-11-21 08:36


NVD link : CVE-2023-4818

Mitre link : CVE-2023-4818

CVE.ORG link : CVE-2023-4818


JSON object : View

Products Affected

paxtechnology

  • a920
  • paydroid
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')