Homee · Homee Brain Cube V2 · CVE-2019-16258
**Name of the Vulnerable Software and Affected Versions**
homee Brain Cube V2 versions 2.23.0 and earlier
**Description**
The issue allows attackers with physical access to gain root access by manipulating the U-Boot environment via the Command Line Interface (CLI) after connecting to the internal UART interface.
**Recommendations**
For homee Brain Cube V2 versions 2.23.0 and earlier, as a temporary workaround, consider restricting physical access to the device to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.