1 Min Read
CVE-2024-4231 and CVE-2024-4232
Written by Mission Secure
Indian Computer Emergency Response Team (CERT-In)
CVE-2024-4231 and CVE-2024-4232 highlight vulnerabilities in Digisol Routers, specifically involving root terminal access on a serial interface. These vulnerabilities could allow unauthorized access to critical network infrastructure, potentially compromising the security and reliability of OT systems relying on these routers.
From the CVE database:
CVE-2024-4231, This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by identifying UART pins and accessing the root shell on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system.
https://www.cve.org/CVERecord?id=CVE-2024-4231
CVE-2024-4232, This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by identifying UART pins and accessing the root shell on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system.This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to lack of encryption or hashing in storing of passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext passwords on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.
Originally published May 10, 2024.