CVE-2022-43096

low-risk
Published 2022-11-17

Mediatrix 4102 before v48.5.2718 allows local attackers to gain root access via the UART port.

Do I need to act?

-
0.12% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.8/10 Medium
PHYSICAL / LOW complexity

Affected Products (1)

Mediatrix 4102S Firmware

Affected Vendors

M5T

References (4)

Release Notes https://documentation.media5corp.com/display/MP/DGW+Security+Improvement+Notes+v...
Exploit https://github.com/ProxyStaffy/Mediatrix-CVE-2022-43096
Release Notes https://documentation.media5corp.com/display/MP/DGW+Security+Improvement+Notes+v...
Exploit https://github.com/ProxyStaffy/Mediatrix-CVE-2022-43096
28
/ 100
low-risk
Severity 22/34 · High
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal