Vulnerabilities > CVE-2019-16273 - Unspecified vulnerability in Dten D5 Firmware and D7 Firmware

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

dten

critical

NVD

Published: 2020-01-06

Updated: 2020-08-24

Summary

DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the Android OS.

Vulnerable Configurations

Part	Description	Count
OS	Dten Dten D5 Firmware 1.3 Dten D5 Firmware 1.3.2 Dten D7 Firmware 1.3 Dten D7 Firmware 1.3.2	4
Hardware	Dten Dten D5 - Dten D7 -	2

References

https://www.forescout.com/company/blog/dten-vulnerability/