PT-2017-18968 · Motorola+1 · Motorola Mx011Anm+1
Chris Grayson
+2
·
Publicado
2017-07-31
·
Atualizado
2019-10-03
·
CVE-2017-9498
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Comcast firmware on Motorola MX011ANM version MX011AN 2.9p6s1 PROD sey
Comcast firmware on Xfinity XR11-20 Voice Remote devices (affected versions not specified)
Description
The issue allows local users to upload arbitrary firmware images to an XR11 device by leveraging root access, due to the lack of a protection mechanism involving digital signatures for the firmware.
Recommendations
For Comcast firmware on Motorola MX011ANM version MX011AN 2.9p6s1 PROD sey, consider restricting root access to prevent arbitrary firmware uploads until a patch is available.
For Comcast firmware on Xfinity XR11-20 Voice Remote devices, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Motorola Mx011Anm
Xfinity Xr11-20 Voice Remote