Alias Robotics MiR100 Live Image Boot reliance on security through obscurity
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.7 | $0-$5k | 0.00 |
Summary
A vulnerability categorized as critical has been discovered in Alias Robotics MiR100, MiR200, MiR250, MiR500, MiR1000, ER200, ER-Lite, ER-Flex, ER-One and UVD. Affected is an unknown function of the component Live Image Boot Handler. The manipulation results in reliance on security through obscurity. This vulnerability is known as CVE-2020-10277. Attacking locally is a requirement. No exploit is available.
Details
A vulnerability was found in Alias Robotics MiR100, MiR200, MiR250, MiR500, MiR1000, ER200, ER-Lite, ER-Flex, ER-One and UVD. It has been classified as critical. Affected is an unknown functionality of the component Live Image Boot Handler. The manipulation with an unknown input leads to a reliance on security through obscurity vulnerability. CWE is classifying the issue as CWE-656. The product uses a protection mechanism whose strength depends heavily on its obscurity, such that knowledge of its algorithms or key data is sufficient to defeat the mechanism. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:
There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually adding a new user with sudo privileges on the machine.
The weakness was published 06/24/2020 (GitHub Repository). The advisory is shared for download at github.com. This vulnerability is traded as CVE-2020-10277 since 03/10/2020. The attack needs to be approached locally. The exploitation doesn't require any form of authentication. There are neither technical details nor an exploit publicly available.
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Similar entries are available at VDB-157203, VDB-157202, VDB-157201 and VDB-157199. VulDB is the best source for vulnerability data and more expert information about this specific topic.
Product
Vendor
Name
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.1VulDB Meta Temp Score: 5.9
VulDB Base Score: 5.9
VulDB Temp Score: 5.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 6.4
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Reliance on security through obscurityCWE: CWE-656
CAPEC: 🔍
ATT&CK: 🔍
Physical: Yes
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: no mitigation knownStatus: 🔍
0-Day Time: 🔍
Timeline
03/10/2020 🔍06/24/2020 🔍
06/25/2020 🔍
10/26/2020 🔍
Sources
Advisory: github.comStatus: Not defined
Confirmation: 🔍
CVE: CVE-2020-10277 (🔍)
GCVE (CVE): GCVE-0-2020-10277
GCVE (VulDB): GCVE-100-157200
See also: 🔍
Entry
Created: 06/25/2020 20:25Updated: 10/26/2020 21:15
Changes: 06/25/2020 20:25 (38), 06/25/2020 20:30 (11), 10/26/2020 21:08 (1), 10/26/2020 21:15 (1)
Complete: 🔍
Cache ID: 216::103
VulDB is the best source for vulnerability data and more expert information about this specific topic.
No comments yet. Languages: en.
Please log in to comment.