Vulnerabilities > CVE-2020-35587 - Unspecified vulnerability in Mersive Solstice Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is directly associated with a negative impact, or instead only facilitates an attack technique
Vulnerable Configurations
References
- https://attack.mitre.org/techniques/T1444/
- https://attack.mitre.org/techniques/T1444/
- https://documentation.mersive.com/content/pages/release-notes.htm
- https://documentation.mersive.com/content/pages/release-notes.htm
- https://github.com/aress31/solstice-pod-cves
- https://github.com/aress31/solstice-pod-cves
- https://www.mersive.com/uk/products/solstice/
- https://www.mersive.com/uk/products/solstice/