CVE-2024-48973

CRITICAL Year: 2024
CVSS v3 Score
9.3
Critical
Weakness Type
CWE-1263
View all →

Vulnerability Description

The debug port on the ventilator's serial interface is enabled by default. This could allow an attacker to send and receive messages over the debug port (which are unencrypted; see 3.2.1) that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.

Related Vulnerabilities

CVE-2023-38290

HIGH
CVSS:7.8(High)

Certain software builds for the BLU View 2 and Sharp Rouvo V Android devices contain a vulnerable pre-installed app with a package name of com.evenwell.fqc (versionCode='9020801', versionName='9.0208....

CWE-12632023

CVE-2023-38290

HIGH
CVSS:7.8(High)

Certain software builds for the BLU View 2 and Sharp Rouvo V Android devices contain a vulnerable pre-installed app with a package name of com.evenwell.fqc (versionCode='9020801', versionName='9.0208....

CWE-12632023

CVE-2022-3728

MEDIUM
CVSS:6.8(Medium)

A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.

CWE-12632022

CVE-2022-48182

MEDIUM
CVSS:6.8(Medium)

A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.

CWE-12632022

CVE-2022-48183

MEDIUM
CVSS:6.8(Medium)

A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.

CWE-12632022

CVE-2024-28326

MEDIUM
CVSS:6.8(Medium)

Incorrect Access Control in ASUS RT-N12+ B1 and RT-N12 D1 routers allows local attackers to obtain root terminal access via the the UART interface.

CWE-12632024