Vulnerabilities > CVE-2020-35587 - Unspecified vulnerability in Mersive Solstice Firmware

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

mersive

NVD

Published: 2020-12-23

Updated: 2024-08-04

Summary

In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is directly associated with a negative impact, or instead only facilitates an attack technique

Vulnerable Configurations

Part	Description	Count
OS	Mersive Mersive Solstice Firmware - Mersive Solstice Firmware 2.6.0 Mersive Solstice Firmware 2.6.2 Mersive Solstice Firmware 2.7.0 Mersive Solstice Firmware 2.7.2 Mersive Solstice Firmware 2.7.3 Mersive Solstice Firmware 2.8.0 Mersive Solstice Firmware 2.8.4 Mersive Solstice Firmware 2.8.7 Mersive Solstice Firmware 2.8.9 Mersive Solstice Firmware 3.0.1	11
Hardware	Mersive Mersive Solstice -	1

Summary

Vulnerable Configurations

References