Vulnerabilities > CVE-2023-33745 - Unspecified vulnerability in Teleadapt Roomcast Ta-2400 Firmware 1.0/3.1

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

teleadapt

critical

NVD

Published: 2023-07-27

Updated: 2024-10-23

Summary

TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Privilege Management: from the shell available after an adb connection, simply entering the su command provides root access (without requiring a password).

Vulnerable Configurations

Part	Description	Count
OS	Teleadapt Teleadapt Roomcast TA 2400 Firmware 1.0 Teleadapt Roomcast TA 2400 Firmware 3.1	2
Hardware	Teleadapt Teleadapt Roomcast TA 2400 -	1

References

http://packetstormsecurity.com/files/173764/RoomCast-TA-2400-Cleartext-Private-Key-Improper-Access-Control.html