CVE Vulnerabilities

CVE-2013-4875

Improper Authentication

Published: Jul 18, 2013 | Modified: Aug 22, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.2 MEDIUM
AV:L/AC:H/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The Uboot bootloader on the Verizon Wireless Network Extender SCS-2U01 allows physically proximate attackers to bypass the intended boot process and obtain a login prompt by connecting a crafted HDMI cable and sending a SysReq interrupt.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Wireless_network_extender Verizon scs-2u01 (including) scs-2u01 (including)

Potential Mitigations

References