Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privilege process.
References
Link | Resource |
---|---|
https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-005/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
09 Feb 2022, 19:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:sierawireless:airlink_mp70e:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_mp70:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_lx40:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_ls300:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_lx60:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_es440:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_rv50x:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_gx400:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_rv55:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_gx450:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_rv50:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_es450:-:*:*:*:*:*:*:* |
cpe:2.3:h:sierrawireless:airlink_es440:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_rv50:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_mp70:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_mp70e:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_gx400:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_gx440:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_lx60:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_rv50x:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_rv55:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_gx450:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_es450:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_ls300:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_lx40:-:*:*:*:*:*:*:* |
First Time |
Sierrawireless airlink Mp70e
Sierrawireless airlink Lx40 Sierrawireless airlink Gx450 Sierrawireless airlink Lx60 Sierrawireless airlink Es440 Sierrawireless airlink Es450 Sierrawireless airlink Rv50 Sierrawireless airlink Gx440 Sierrawireless airlink Ls300 Sierrawireless airlink Gx400 Sierrawireless airlink Rv50x Sierrawireless airlink Rv55 Sierrawireless airlink Mp70 |
|
CWE | NVD-CWE-noinfo |
Information
Published : 2020-10-06 14:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-8781
Mitre link : CVE-2020-8781
CVE.ORG link : CVE-2020-8781
JSON object : View
Products Affected
sierrawireless
- airlink_lx40
- airlink_rv55
- airlink_gx440
- airlink_es440
- aleos
- airlink_mp70e
- airlink_es450
- airlink_gx450
- airlink_mp70
- airlink_rv50
- airlink_ls300
- airlink_gx400
- airlink_rv50x
- airlink_lx60
CWE