0Xhasta

Name of the Vulnerable Software and Affected Versions: FNKvision FNK-GU2 versions up to 40.1.7 Description: A critical vulnerability has been found in the UART Interface component of FNKvision FNK-GU2, allowing for improper access control to the on-chip debug and test interface. The attack can be launched on the physical device and has a high complexity, making it difficult to exploit. The exploit has been disclosed to the public. Recommendations: For FNKvision FNK-GU2 versions up to 40.1.7, consider restricting access to the UART Interface component to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FNKvision FNK-GU2 versions through 40.1.7 Description: A problematic vulnerability exists due to a risky cryptographic algorithm related to an unknown functionality of the file `/etc/shadow` within the MD5 component. The attack can be launched on a physical device, but is considered difficult to exploit due to its high complexity. The exploit has been publicly disclosed. Recommendations: Versions prior to 40.1.7 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FNKvision FNK-GU2 versions through 40.1.7 Description: A vulnerability has been identified in FNKvision FNK-GU2. The issue involves a problematic functionality related to the file `/rom/wpa supplicant.conf`, leading to the cleartext storage of sensitive information. The attack can be launched on a physical device and is considered complex and difficult to exploit. The exploit for this issue has been publicly disclosed. Recommendations: Versions prior to 40.1.7: At the moment, there is no information about a newer version that contains a fix for this vulnerability.