CVE-2022-25213

Name of the Vulnerable Software and Affected Versions No specific software or version is mentioned, so the description is: Device (affected versions not specified)

Description The issue concerns improper physical access control and the use of hard-coded credentials in /etc/passwd. This allows an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port also exposes an unauthenticated Das U-Boot BIOS shell.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.