CVE-2023-42135

CVSS V2 None CVSS V3 None
Description
PAX A920Pro/A50 devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow local code execution via parameter injection by bypassing the input validation when flashing a specific partition. The attacker must have physical USB access to the device in order to exploit this vulnerability.
Overview
  • CVE ID
  • CVE-2023-42135
  • Assigner
  • CERT-PL
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-01-15T13:28:55.478Z
  • Last Modified Date
  • 2024-01-15T13:45:01.681Z
References
History
Created Old Value New Value Data Type Notes
2024-06-25 13:42:54 Added to TrackCVE