← Zuruck zu CVEs

CVE-2022-2675

MEDIUM

6.5

Beschreibung

Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0.1.9 (using firmware version 0.1.35) can be powered down by an attacker within normal RF range without authentication. Other versions may be affected, such as the A1.

CVE Details

CVSS v3.1 Bewertung6.5

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AngriffsvektorADJACENT_NETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht8/5/2022

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

unitree:go_1unitree:go_1_firmware

Schwachen (CWE)

CWE-285

Referenzen

https://fccid.io/2A5PE-YUSHU001/Users-Manual/User-Manual-5810729(cve@rapid7.com)

https://twitter.com/d0tslash/status/1555326302462394370(cve@rapid7.com)

https://www.mybotshop.de/Datasheet/Unitree_A1_User_Manual_v1.0.pdf(cve@rapid7.com)

https://fccid.io/2A5PE-YUSHU001/Users-Manual/User-Manual-5810729(af854a3a-2127-422b-91ae-364da2661108)

https://twitter.com/d0tslash/status/1555326302462394370(af854a3a-2127-422b-91ae-364da2661108)

https://www.mybotshop.de/Datasheet/Unitree_A1_User_Manual_v1.0.pdf(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.