PT-2020-15110 · Changxiang · Changxiang 8 Plus

Published

2020-07-06

Updated

2021-07-21

CVE-2020-1837

CVSS v3.1

5.3

Medium

Vector

AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ChangXiang 8 Plus versions earlier than 9.1.0.136(C00E121R1P6T8)

Description The device does not properly handle certain messages from the base station, allowing an attacker to craft a fake base station and launch an attack. Successful exploitation could cause a denial of signal service condition.

Recommendations For versions earlier than 9.1.0.136(C00E121R1P6T8), update to version 9.1.0.136(C00E121R1P6T8) or later to resolve the issue. As a temporary workaround, consider restricting access to the device's base station communication to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-1837

Affected Products

Changxiang 8 Plus

PT-2020-15110 · Changxiang · Changxiang 8 Plus

CVE-2020-1837

Related Identifiers

Affected Products

References · 4