CVE-2019-12789
Last modified
CVE-2019-12789 is a vulnerability of currently unknown severity. An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. By attaching a UART adapter to the UART pins on the system board, an attacker can use a special key sequence (Ctrl-\) to obtain a shell with root privileges. EPSS estimates a 0.57% chance of exploitation in the next 30 days.
Description
An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. By attaching a UART adapter to the UART pins on the system board, an attacker can use a special key sequence (Ctrl-\) to obtain a shell with root privileges. After gaining root access, the attacker can mount the filesystem read-write and make permanent modifications to the device including bricking of the device, disabling vendor management of the device, preventing automatic upgrades, and permanently installing malicious code on the device.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Actiontec | T2200h Firmware | t2200h-31.1238l.08 |
References
- http://seclists.org/fulldisclosure/2019/Jun/10Exploit, Mailing List, Third Party Advisory
- https://www.actiontec.com/blog/Third Party Advisory
- http://seclists.org/fulldisclosure/2019/Jun/10Exploit, Mailing List, Third Party Advisory
- https://www.actiontec.com/blog/Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-12789?
How severe is CVE-2019-12789?
How do I fix CVE-2019-12789?
Are you affected by CVE-2019-12789?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST