// For flags

CVE-2018-17534

Teltonika RUT9XX Missing Access Control To UART Root Terminal

Severity Score

6.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

3
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges.

Los routers Teltonika RUT9XX con firmware en versiones anteriores a la 00.04.233 proporcionan un terminal root en una interfaz de serie sin un control de acceso adecuado. Esto permite que los atacantes con acceso fĂ­sico ejecuten comandos arbitrarios con privilegios root.

*Credits: N/A
CVSS Scores
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-09-25 CVE Reserved
  • 2018-10-12 CVE Published
  • 2024-03-07 EPSS Updated
  • 2024-08-05 CVE Updated
  • 2024-08-05 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-287: Improper Authentication
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Teltonika
Search vendor "Teltonika"
Rut900 Firmware
Search vendor "Teltonika" for product "Rut900 Firmware"
< 00.04.233
Search vendor "Teltonika" for product "Rut900 Firmware" and version " < 00.04.233"
-
Affected
in Teltonika
Search vendor "Teltonika"
Rut900
Search vendor "Teltonika" for product "Rut900"
--
Safe
Teltonika
Search vendor "Teltonika"
Rut950 Firmware
Search vendor "Teltonika" for product "Rut950 Firmware"
< 00.04.233
Search vendor "Teltonika" for product "Rut950 Firmware" and version " < 00.04.233"
-
Affected
in Teltonika
Search vendor "Teltonika"
Rut950
Search vendor "Teltonika" for product "Rut950"
--
Safe
Teltonika
Search vendor "Teltonika"
Rut955 Firmware
Search vendor "Teltonika" for product "Rut955 Firmware"
< 00.04.233
Search vendor "Teltonika" for product "Rut955 Firmware" and version " < 00.04.233"
-
Affected
in Teltonika
Search vendor "Teltonika"
Rut955
Search vendor "Teltonika" for product "Rut955"
--
Safe