CVE-2024-22727

Published Feb 17, 2024

Last updated 19 days ago

CVSS high 8.3

Overview

Description: Teltonika TRB1-series devices with firmware before TRB1_R_00.07.05.2 allow attackers to exploit a firmware vulnerability via Ethernet LAN or USB.
Source: cve@mitre.org
NVD status: Analyzed
Products: trb140_firmware, trb141_firmware, trb142_firmware, trb143_firmware, trb145_firmware

Risk scores

CVSS 3.1

Type: Secondary
Base score: 8.3
Impact score: 5.5
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:teltonika:trb140_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F44F3600-156F-4EEC-BFB5-9F67DAF9C272",
            "versionEndExcluding": "00.07.05.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:teltonika:trb140:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C14C3529-5B00-4CE3-A818-A6F9F6349D55"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:teltonika:trb141_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18CCE0DC-A54E-4533-B14F-9E114844DE29",
            "versionEndExcluding": "00.07.05.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:teltonika:trb141:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6FBD4DA8-14C4-4843-81D3-88E2534BC276"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:teltonika:trb142_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29FDFAFF-C3C0-4EE7-8933-8FAAB72DAA02",
            "versionEndExcluding": "00.07.05.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:teltonika:trb142:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F0D55FB8-F8C3-45AA-BD20-BC8D80658F70"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:teltonika:trb143_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD69C8FB-4012-4735-82C5-7DE29258ECA1",
            "versionEndExcluding": "00.07.05.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:teltonika:trb143:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E0A64E4C-DF8D-4285-A49F-7BA75CB954F1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:teltonika:trb145_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4576A345-9B2A-4B2B-A3DD-833F9FC5E6C4",
            "versionEndExcluding": "00.07.05.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:teltonika:trb145:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C2A42DA2-090D-47C0-875C-562BD5189AB1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References