CVE-2022-28377

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of the IDU's base Ethernet interface, and adding the string DEVICE_MANUFACTURER='Wistron_NeWeb_Corp.' to /etc/device_info to replicate the host environment. This occurs in /etc/init.d/wnc_factoryssidkeypwd (IDU).

En los dispositivos Verizon 5G Home LVSKIHP InDoorUnit (IDU) versión 3.4.66.162 y OutDoorUnit (ODU) versión 3.33.101.0, los endpoints RPC de CRTC y ODU dependen de un nombre de usuario/contraseña de cuenta estática para el control de acceso. Esta contraseña puede generarse por medio de un binario incluido en el firmware, después de averiguar la dirección MAC de la interfaz Ethernet base de la IDU, y añadir la cadena DEVICE_MANUFACTURER="Wistron_NeWeb_Corp." a /etc/device_info para replicar el entorno del host. Esto ocurre en /etc/init.d/wnc_factoryssidkeypwd (IDU)

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-04-03 CVE Reserved
2022-07-14 CVE Published
2024-08-03 CVE Updated
2024-08-03 First Exploit
2025-04-08 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-521: Weak Password Requirements

CAPEC

References (2)

URL	Tag	Source

URL	Date	SRC
https://github.com/JousterL/SecWriteups/blob/main/Verizon%20LVSKIHP%205G%20Modem/readme.md	2024-08-03

URL	Date	SRC

URL	Date	SRC
https://www.verizon.com/info/reportsecurityvulnerability	2022-07-21

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Verizon Search vendor "Verizon"	Lvskihp Indoorunit Firmware Search vendor "Verizon" for product "Lvskihp Indoorunit Firmware"	3.4.66.162 Search vendor "Verizon" for product "Lvskihp Indoorunit Firmware" and version "3.4.66.162"	-	Affected	in	Verizon Search vendor "Verizon"	Lvskihp Indoorunit Search vendor "Verizon" for product "Lvskihp Indoorunit"	-	-	Safe
Verizon Search vendor "Verizon"	Lvskihp Outdoorunit Firmware Search vendor "Verizon" for product "Lvskihp Outdoorunit Firmware"	3.33.101.0 Search vendor "Verizon" for product "Lvskihp Outdoorunit Firmware" and version "3.33.101.0"	-	Affected	in	Verizon Search vendor "Verizon"	Lvskihp Outdoorunit Search vendor "Verizon" for product "Lvskihp Outdoorunit"	-	-	Safe