Vulnerabilities > CVE-2020-27402 - Unspecified vulnerability in Hindotech HK1 BOX S905X3 Firmware Hk1X3S905X34Bitv1120191105

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
hindotech

Summary

The HK1 Box S905X3 TV Box contains a vulnerability that allows a local unprivileged user to escalate to root using the /system/xbin/su binary via a serial port (UART) connection or using adb.