PT-2018-11133 · Ecos · Ecos Secure Boot Stick

Franz Girlich

Publicado

2018-06-17

Atualizado

2018-08-10

CVE-2018-12337

CVSS v3.1

4.6

Média

Vetor

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions ECOS Secure Boot Stick (aka SBS) version 5.6.5

Description The issue is related to a Reliance on Security Through Obscurity vulnerability, which allows an attacker to partially extract confidential configurations. This can be achieved through user-space emulation.

Recommendations For ECOS Secure Boot Stick (aka SBS) version 5.6.5, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2018-12337

Produtos afetados

Ecos Secure Boot Stick

PT-2018-11133 · Ecos · Ecos Secure Boot Stick

CVE-2018-12337

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3