Strix
26.1K

CVE-2024-40892

HIGHCVSS 7.1/10EPSS 0.92%

Last modified

CVE-2024-40892 is a high-severity vulnerability rated 7.1/10 on the CVSS scale. A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. EPSS estimates a 0.92% chance of exploitation in the next 30 days.

Description

A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the LAN, they could log into the SSH interface using the provisioned credentials. The license UUID can be acquired through plain-text Bluetooth sniffing, reading the QR code on the bottom of the device, or brute-forcing the UUID (though this is less likely).

Metrics

CVSS 3.1
7.1/10

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Probability
0.92%

55.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

References

Timeline

Published
Last Modified
Status
Deferred

Frequently Asked Questions

What is CVE-2024-40892?
A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the LAN, they could log into the SSH interface using the provisioned credentials. The license UUID can be acquired through plain-text Bluetooth sniffing, reading the QR code on the bottom of the device, or brute-forcing the UUID (though this is less likely).
How severe is CVE-2024-40892?
CVE-2024-40892 has a CVSS score of 7.1/10 (HIGH severity). The EPSS model estimates a 0.92% probability of exploitation in the next 30 days.
How do I fix CVE-2024-40892?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2024-40892?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST