Vulnerabilities > CVE-2023-27197 - Unspecified vulnerability in Paxtechnology PAX A930 Firmware Paydroid7.1.1Virgov04.5.0220220722
Attack vector
LOCAL Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Hardware | 1 |
References
- https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27197.md
- https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27197.md
- https://wr3nchsr.github.io/pax-paydroid-vulnerabilities-advisory-2023/
- https://wr3nchsr.github.io/pax-paydroid-vulnerabilities-advisory-2023/