@tanprathan
Created January 6, 2020 02:44
OKER CVE-2019-20348
> [Description]
> OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART
> serial interface without proper access control. This allows attackers
> with physical access to interrupt the boot sequence in order to execute
> arbitrary commands with root privileges and conduct further attacks.
>
> ------------------------------------------
>
> [Additional Information]
> Proof of Concept: https://www.dropbox.com/s/5ozzv04ddsgst3t/OKER_UART.mp4
>
> ------------------------------------------
>
> [Vulnerability Type]
> Incorrect Access Control
>
> ------------------------------------------
>
> [Vendor of Product]
> OKER
>
> ------------------------------------------
>
> [Affected Product Code Base]
> G232V1 - v1.03.02.20161129
>
> ------------------------------------------
>
> [Affected Component]
> UART Hardware
>
> ------------------------------------------
>
> [Attack Type]
> Physical
>
> ------------------------------------------
>
> [Impact Code execution]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> The attacker with physical access is able to access the device console
> with root privilege via UART hardware. Once the UART channel (Tx, Rx,
> GND) is identified, the attacker will be able to access the device
> console, interrupt the boot sequence and gain access to the console
> with root privilege, leading to information disclosure, arbitrary code
> execution, and backdoor planting on the device to conduct further attacks
> (e.g. data infiltration and exfiltration on the internal network).
>
> ------------------------------------------
>
> [Reference]
> http://www.okerthai.com
> https://www.dropbox.com/s/5ozzv04ddsgst3t/OKER_UART.mp4
>
> ------------------------------------------
>
> [Has vendor confirmed or acknowledged the vulnerability?]
> true
>
> ------------------------------------------
>
> [Discoverer]
> Prathan Phongthiproek