Details of VAR-201707-1024

ID

VAR-201707-1024

CVE

CVE-2017-9498

TITLE

Motorola MX011ANM and Xfinity XR11-20 Voice Remote Vulnerabilities related to authorization, authority, and access control in devices

Trust: 0.8

sources: JVNDB: JVNDB-2017-006606

DESCRIPTION

The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for the firmware. Motorola MX011ANM and Xfinity XR11-20 Voice Remote Devices have vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. MotorolaMX011ANM is a network set-top box device from Motorola, USA. The XfinityXR11-20VoiceRemote is a voice remote control device. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM and XfinityXR11-20VoiceRemote devices using MX011AN_2.9p6s1_PROD_sey firmware, which is due to a lack of protection for the program

Trust: 2.25

sources: NVD: CVE-2017-9498 // JVNDB: JVNDB-2017-006606 // CNVD: CNVD-2017-19300 // VULHUB: VHN-117701

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-19300

AFFECTED PRODUCTS

vendor:	motorola	model:	mx011anm	scope:	eq	version:	mx011an_2.9p6s1_prod_sey	Trust: 2.4
vendor:	comcast	model:	xfinity xr11-20	scope:	eq	version:	-	Trust: 1.0
vendor:	comcast	model:	xfinity xr11-20	scope:	-	version:	-	Trust: 0.8
vendor:	motorola	model:	mx011anm 2.9p6s1 prod sey	scope:	-	version:	-	Trust: 0.6
vendor:	motorola	model:	mx011anm mx011an 2.9p6s1 prod sey	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2017-19300 // JVNDB: JVNDB-2017-006606 // CNNVD: CNNVD-201706-219 // NVD: CVE-2017-9498

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-9498
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-9498
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2017-19300
value:	LOW
Trust: 0.6
CNNVD:	CNNVD-201706-219
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-117701
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2017-9498
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-19300
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-117701
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-9498
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-19300 // VULHUB: VHN-117701 // JVNDB: JVNDB-2017-006606 // CNNVD: CNNVD-201706-219 // NVD: CVE-2017-9498

PROBLEMTYPE DATA

problemtype:	CWE-354	Trust: 1.1
problemtype:	CWE-264	Trust: 0.9

sources: VULHUB: VHN-117701 // JVNDB: JVNDB-2017-006606 // NVD: CVE-2017-9498

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201706-219

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201706-219

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-006606

PATCH

title:	Top Page	url:	http://corporate.comcast.com/	Trust: 0.8
title:	Top Page	url:	https://www.motorolasolutions.com/en_us.html	Trust: 0.8

sources: JVNDB: JVNDB-2017-006606

EXTERNAL IDS

db:	NVD	id:	CVE-2017-9498	Trust: 3.1
db:	JVNDB	id:	JVNDB-2017-006606	Trust: 0.8
db:	CNNVD	id:	CNNVD-201706-219	Trust: 0.7
db:	CNVD	id:	CNVD-2017-19300	Trust: 0.6
db:	VULHUB	id:	VHN-117701	Trust: 0.1

sources: CNVD: CNVD-2017-19300 // VULHUB: VHN-117701 // JVNDB: JVNDB-2017-006606 // CNNVD: CNNVD-201706-219 // NVD: CVE-2017-9498

REFERENCES

url:	https://github.com/bastilleresearch/cabletap/blob/master/doc/advisories/bastille-42.remote-ota.txt	Trust: 3.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9498	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-9498	Trust: 0.8

sources: CNVD: CNVD-2017-19300 // VULHUB: VHN-117701 // JVNDB: JVNDB-2017-006606 // CNNVD: CNNVD-201706-219 // NVD: CVE-2017-9498

SOURCES

db:	CNVD	id:	CNVD-2017-19300
db:	VULHUB	id:	VHN-117701
db:	JVNDB	id:	JVNDB-2017-006606
db:	CNNVD	id:	CNNVD-201706-219
db:	NVD	id:	CVE-2017-9498

LAST UPDATE DATE

2024-08-14T14:57:38.176000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-19300	date:	2017-08-07T00:00:00
db:	VULHUB	id:	VHN-117701	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2017-006606	date:	2017-08-30T00:00:00
db:	CNNVD	id:	CNNVD-201706-219	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-9498	date:	2019-10-03T00:03:26.223

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-19300	date:	2017-08-07T00:00:00
db:	VULHUB	id:	VHN-117701	date:	2017-07-31T00:00:00
db:	JVNDB	id:	JVNDB-2017-006606	date:	2017-08-30T00:00:00
db:	CNNVD	id:	CNNVD-201706-219	date:	2017-06-08T00:00:00
db:	NVD	id:	CVE-2017-9498	date:	2017-07-31T03:29:00.940