CVE-2024-41889

Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/OpenMAR/PiTool	Product
https://jvn.jp/en/jp/JVN50850706/	Third Party Advisory
https://pimax.com/pages/downloads-manuals	Product

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:pimax:pitool:-:::::::*
	cpe:2.3:a:pimax:play::::::::

History

30 Aug 2024, 17:53

Type	Values Removed	Values Added
References	~~() https://github.com/OpenMAR/PiTool -~~	() https://github.com/OpenMAR/PiTool - Product
References	~~() https://jvn.jp/en/jp/JVN50850706/ -~~	() https://jvn.jp/en/jp/JVN50850706/ - Third Party Advisory
References	~~() https://pimax.com/pages/downloads-manuals -~~	() https://pimax.com/pages/downloads-manuals - Product
First Time		Pimax pitool Pimax Pimax play
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : 9.8
CPE		cpe:2.3:a:pimax:play:::::::: cpe:2.3:a:pimax:pitool:-:::::::*
CWE		NVD-CWE-Other

07 Aug 2024, 19:35

Type	Values Removed	Values Added
CWE		CWE-923
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8

05 Aug 2024, 12:41

Type	Values Removed	Values Added
Summary		(es) Varios productos Pimax aceptan conexiones WebSocket desde endpoints no deseados. Si se aprovecha esta vulnerabilidad, un atacante remoto no autenticado puede ejecutar código arbitrario.

05 Aug 2024, 05:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-05 05:15

Updated : 2024-08-30 17:53

NVD link : CVE-2024-41889

Mitre link : CVE-2024-41889

CVE.ORG link : CVE-2024-41889

JSON object : View

Products Affected

pimax

pitool
play

CWE

NVD-CWE-Other CWE-923

Improper Restriction of Communication Channel to Intended Endpoints

{"id": "CVE-2024-41889", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-08-05T05:15:39.697", "references": [{"url": "https://github.com/OpenMAR/PiTool", "tags": ["Product"], "source": "vultures@jpcert.or.jp"}, {"url": "https://jvn.jp/en/jp/JVN50850706/", "tags": ["Third Party Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://pimax.com/pages/downloads-manuals", "tags": ["Product"], "source": "vultures@jpcert.or.jp"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-923"}]}], "descriptions": [{"lang": "en", "value": "Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker."}, {"lang": "es", "value": "Varios productos Pimax aceptan conexiones WebSocket desde endpoints no deseados. Si se aprovecha esta vulnerabilidad, un atacante remoto no autenticado puede ejecutar c\u00f3digo arbitrario."}], "lastModified": "2024-08-30T17:53:40.897", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pimax:pitool:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBA58FE7-BB18-4C77-82CE-944A16269EA4"}, {"criteria": "cpe:2.3:a:pimax:play:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27FB753D-1D9B-4AE3-95F0-C4156E3B5E45", "versionEndExcluding": "1.21.01"}], "operator": "OR"}]}], "sourceIdentifier": "vultures@jpcert.or.jp"}