PT-2017-18190 · Sierra Wireless · Me906S-158

Published

2017-11-22

Updated

2019-10-03

CVE-2017-8185

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ME906s-158 versions earlier than ME906S Installer 13.1805.10.3

Description The issue allows an attacker to elevate privileges, potentially modifying configuration information to include malicious files. This could trick users into executing these files, resulting in the execution of arbitrary code.

Recommendations For ME906s-158 versions earlier than ME906S Installer 13.1805.10.3, update to ME906S Installer 13.1805.10.3 or later to resolve the issue.

Fix

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-668

Related Identifiers

CVE-2017-8185

Affected Products

Me906S-158

PT-2017-18190 · Sierra Wireless · Me906S-158

CVE-2017-8185

Weakness Enumeration

Related Identifiers

Affected Products

References · 3