CVE-2020-21406 - OpenCVE

An issue was discovered in RK Smart TV Box MAX and V88 SmartTV box that allows attackers to cause a denial of service via the switchNextDisplayInterface service.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
V88 Smart Tv Box Project	V88 Smart Tv Box V88 Smart Tv Box Firmware
Rk Max Smart Tv Box Project	Rk Max Smart Tv Box Firmware Rk Max Smart Tv Box

Configuration 1 [-]

AND

cpe:2.3:o:v88_smart_tv_box_project:v88_smart_tv_box_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:v88_smart_tv_box_project:v88_smart_tv_box:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:rk_max_smart_tv_box_project:rk_max_smart_tv_box_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:rk_max_smart_tv_box_project:rk_max_smart_tv_box:-:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/helloworldxp/TVBoxBugs/blob/master/RK_MAX_V88_SmartTV_Vulnerability	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-07-20T18:46:56

Updated: 2022-07-20T18:46:56

Reserved: 2020-08-13T00:00:00

Link: CVE-2020-21406

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-07-20T19:15:08.103

Modified: 2022-07-27T17:16:53.747

Link: CVE-2020-21406

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:v88_smart_tv_box_project:v88_smart_tv_box_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D4C1576-9518-4387-AEBC-8E06201F97F8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:v88_smart_tv_box_project:v88_smart_tv_box:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DC18A3F-8B55-4D2D-A6EC-C011F59A2329", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rk_max_smart_tv_box_project:rk_max_smart_tv_box_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2366CFF0-5ED4-4FC6-832D-EF9DA647549F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rk_max_smart_tv_box_project:rk_max_smart_tv_box:-:*:*:*:*:*:*:*", "matchCriteriaId": "510BF0B0-413D-4998-907D-81F02EB2FF2F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in RK Smart TV Box MAX and V88 SmartTV box that allows attackers to cause a denial of service via the switchNextDisplayInterface service."}, {"lang": "es", "value": "Se ha detectado un problema en RK Smart TV Box MAX y V88 SmartTV box que permite a atacantes causar una denegaci\u00f3n de servicio por medio del servicio switchNextDisplayInterface"}], "id": "CVE-2020-21406", "lastModified": "2022-07-27T17:16:53.747", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-20T19:15:08.103", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/helloworldxp/TVBoxBugs/blob/master/RK_MAX_V88_SmartTV_Vulnerability"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}