The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the client.
References
Link | Resource |
---|---|
https://decoded.avast.io/vladislaviliushin/flaws-in-dvb-t2-set-top-boxes-exposed/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-08-31T14:20:55
Updated: 2020-08-31T14:20:55
Reserved: 2020-04-07T00:00:00
Link: CVE-2020-11617
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-08-31T15:15:09.963
Modified: 2020-09-09T15:35:37.220
Link: CVE-2020-11617
JSON object: View
Redhat Information
No data.
CWE