tanprathan · January 6, 2020 02:44
diff --git a/CVE-2019-20348.txt b/CVE-2019-20348.txt
 > [Description]
 > OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART
 > serial interface without proper access control. This allows attackers
 > with physical access to interrupt the boot sequence in order to execute
 > arbitrary commands with root privileges and conduct further attacks.
 >
 > ------------------------------------------
 >
 > [Additional Information]
 > Proof of Concept: https://www.dropbox.com/s/5ozzv04ddsgst3t/OKER_UART.mp4
 >
 > ------------------------------------------
 >
 > [Vulnerability Type]
 > Incorrect Access Control
 >
 > ------------------------------------------
 >
 > [Vendor of Product]
 > OKER
 >
 > ------------------------------------------
 >
 > [Affected Product Code Base]
 > G232V1 - v1.03.02.20161129
 >
 > ------------------------------------------
 >
 > [Affected Component]
 > UART Hardware
 >
 > ------------------------------------------
 >
 > [Attack Type]
 > Physical
 >
 > ------------------------------------------
 >
 > [Impact Code execution]
 > true
 >
 > ------------------------------------------
 >
 > [Attack Vectors]
 > The attacker with physical access is able to access the device console
 > with root privilege via UART hardware. Once the UART channel (Tx, Rx,
 > GND) is identified, the attacker will be able to access the device
 > console, interrupt the boot sequence and gain access to the console
 > with root privilege lead to information disclosure, arbitrary code
 > execution, backdoor planting on the device to conduct further attack
 > (e.g. Data infiltration and exfiltration on internal network)
 >
 > ------------------------------------------
 >
 > [Reference]
 > http://www.okerthai.com
 > https://www.dropbox.com/s/5ozzv04ddsgst3t/OKER_UART.mp4
 >
 > ------------------------------------------
 >
 > [Has vendor confirmed or acknowledged the vulnerability?]
 > true
 >
 > ------------------------------------------
 >
 > [Discoverer]
 > Prathan Phongthiproek
	> [Description]
	> OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART
	> serial interface without proper access control. This allows attackers
	> with physical access to interrupt the boot sequence in order to execute
	> arbitrary commands with root privileges and conduct further attacks.
	>
	> ------------------------------------------
	>
	> [Additional Information]
	> Proof of Concept: https://www.dropbox.com/s/5ozzv04ddsgst3t/OKER_UART.mp4
	>
	> ------------------------------------------
	>
	> [Vulnerability Type]
	> Incorrect Access Control
	>
	> ------------------------------------------
	>
	> [Vendor of Product]
	> OKER
	>
	> ------------------------------------------
	>
	> [Affected Product Code Base]
	> G232V1 - v1.03.02.20161129
	>
	> ------------------------------------------
	>
	> [Affected Component]
	> UART Hardware
	>
	> ------------------------------------------
	>
	> [Attack Type]
	> Physical
	>
	> ------------------------------------------
	>
	> [Impact Code execution]
	> true
	>
	> ------------------------------------------
	>
	> [Attack Vectors]
	> The attacker with physical access is able to access the device console
	> with root privilege via UART hardware. Once the UART channel (Tx, Rx,
	> GND) is identified, the attacker will be able to access the device
	> console, interrupt the boot sequence and gain access to the console
	> with root privilege lead to information disclosure, arbitrary code
	> execution, backdoor planting on the device to conduct further attack
	> (e.g. Data infiltration and exfiltration on internal network)
	>
	> ------------------------------------------
	>
	> [Reference]
	> http://www.okerthai.com
	> https://www.dropbox.com/s/5ozzv04ddsgst3t/OKER_UART.mp4
	>
	> ------------------------------------------
	>
	> [Has vendor confirmed or acknowledged the vulnerability?]
	> true
	>
	> ------------------------------------------
	>
	> [Discoverer]
	> Prathan Phongthiproek