PT-2023-13495 · Zebra · Zebra Enterprise Home Screen

Alexandre Guldner

Publicado

2023-01-10

Atualizado

2025-04-09

CVE-2022-36443

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Zebra Enterprise Home Screen version 4.1.19

Description An issue was discovered that allows the use of a physical connection (Ethernet cable) without restriction, even when some communication channels are locked by the administrator.

Recommendations For Zebra Enterprise Home Screen version 4.1.19, consider restricting access to the Ethernet port or implementing additional security measures to minimize the risk of exploitation.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

CVE-2022-36443

Produtos afetados

Zebra Enterprise Home Screen

PT-2023-13495 · Zebra · Zebra Enterprise Home Screen

CVE-2022-36443

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6