PT-2022-25267 · Foresight · Foresight Gc3 Launch Monitor

Tom Steele · Published 2022-10-13 · Updated 2022-10-14 · CVE-2022-40187

CVSS v3.1: 8.0 High

Vector: AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Foresight GC3 Launch Monitor version 1.3.15.68

Description

The issue allows for process debugging, file system modification, and terminal access as the root user through a Target Communication Framework (TCF) service. This service listens on a TCP port on all interfaces. An attacker could exploit this, potentially in conjunction with a hosted wireless access point and the known passphrase of FSSPORTS, to modify a device and steal intellectual property.

Recommendations

For Foresight GC3 Launch Monitor version 1.3.15.68, consider disabling the TCF service to prevent unauthorized access until a patch is available. Restrict access to the device and its network to minimize the risk of exploitation. Avoid using the known passphrase of FSSPORTS for wireless access points connected to these devices.

Exploit

Fix

Incorrect Default Permissions


Weakness Enumeration

Related Identifiers

CVE-2022-40187

Affected Products

Foresight Gc3 Launch Monitor