Remote Access Vulnerability in Verizon Wireless Network Extender Bootloader
CVE-2013-4874

Currently unrated

Key Information:

Vendor: Verizon
Status: Wireless Network Extender
Vendor: CVE Published:; 18 July 2013

What is CVE-2013-4874?

The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC4 is vulnerable to unauthorized root access. Attackers in physical proximity can exploit this weakness by connecting a specially crafted HDMI cable, allowing them to launch a sys session and alter the ramboot environment variable. This could potentially enable further intrusions or malicious activities, compromising the security of the affected device.

References

http://www.kb.cert.org/vuls/id/BLUU-997M5B

x_refsource_MISC

http://www.kb.cert.org/vuls/id/458007

third-party-advisoryx_refsource_CERT-VN

http://www.securityfocus.com/bid/61169

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 18, 2013
Vulnerability Reserved
Jul 18, 2013

CVE-2013-4874 Data

JSON