The AirVantage platform is vulnerable to an unauthorized attacker registering previously unregistered
devices on the AirVantage platform when the owner has not disabled the AirVantage Management
Service on the devices or registered the device. This could enable an attacker to configure, manage,
and execute AT commands on an unsuspecting user’s devices.
Metrics
Affected Vendors & Products
References
History
Fri, 20 Dec 2024 23:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The AirVantage platform is vulnerable to an unauthorized attacker registering previously unregistered devices on the AirVantage platform when the owner has not disabled the AirVantage Management Service on the devices or registered the device. This could enable an attacker to configure, manage, and execute AT commands on an unsuspecting user’s devices. | |
Title | Improper Authentication | |
Weaknesses | CWE-287 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: SWI
Published: 2024-12-20T23:35:29.797Z
Updated: 2024-12-24T00:40:07.676Z
Reserved: 2023-04-26T19:52:55.324Z
Link: CVE-2023-31279
Vulnrichment
No data.
NVD
Status : Received
Published: 2024-12-21T00:15:27.100
Modified: 2024-12-21T00:15:27.100
Link: CVE-2023-31279
Redhat
No data.