Sensitive Information Exposure in SkyBridge MB-A100/110 Firmware
CVE-2023-24586

6.5MEDIUM

Key Information:

Vendor: Seiko Solutions Inc.
Status: Skybridge Mb-a100/110
Vendor: CVE Published:; 10 May 2023

What is CVE-2023-24586?

The SkyBridge MB-A100 and MB-A110 firmware versions up to and including 4.2.0 exhibit a vulnerability where sensitive information is stored in cleartext. This situation may enable a remote authenticated attacker to retrieve vital APN credentials, posing a serious risk to data integrity and security. It is crucial for users to analyze this vulnerability and apply necessary mitigations to safeguard their information.

Affected Version(s)

SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier

References

https://www.seiko-sol.co.jp/archives/73969/

https://www.seiko-sol.co.jp/products/skybridge/skybridge_...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 10, 2023
Vulnerability Reserved
Mar 15, 2023

Seiko Solutions Inc.

What is CVE-2023-24586?

Affected Version(s)

References

CVSS V3.1

Timeline