The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of authentication
of the ‘su’ binary file installed on the device that can be accessed through the ADB (Android Debug Bridge) protocol exposed on the network.
References
Link | Resource |
---|---|
https://psirt.bosch.com/security-advisories/BOSCH-SA-175607.html | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: bosch
Published: 2023-10-25T14:10:50.626Z
Updated: 2023-10-25T14:10:50.626Z
Reserved: 2023-10-18T09:35:22.497Z
Link: CVE-2023-41255
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-25T18:17:30.737
Modified: 2023-11-06T14:33:10.043
Link: CVE-2023-41255
JSON object: View
Redhat Information
No data.
CWE