Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-35830

Published: 29/06/2023 Updated: 11/07/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Tcg-4 Firmware

Vulnerability Summary

STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity Module DeploymentPackage_v3.03r0-Impala and DeploymentPackage_v3.04r2-Jellyfish and TCG-4lite Connectivity Module DeploymentPackage_v3.04r2-Jellyfish allow an malicious user to gain full remote access with root privileges without the need for authentication, giving an attacker arbitrary remote code execution over LTE / 4G network via SMS.

Vulnerable Product Search on Vulmon Subscribe to Product

stw-mobile-machines tcg-4_firmware 3.01r1

stw-mobile-machines tcg-4_firmware 3.02r0

stw-mobile-machines tcg-4_firmware 3.03r0

stw-mobile-machines tcg-4_firmware 3.04r2

stw-mobile-machines tcg-4lite_firmware 3.04r2

References

NVD-CWE-noinfohttps://www.stw-mobile-machines.com/psirt/https://www.stw-mobile-machines.com/fileadmin/user_upload/content/STW/PSIRT/STW-IR-23-001.pdfhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook