mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
963 B
963 B
CVE-2023-40464
Description
Several versions ofALEOS, including ALEOS 4.16.0, use a hardcodedSSL certificate andprivate key. An attacker with access to these itemscould potentiallyperform a man in the middle attack between theACEManager clientand ACEManager server.
POC
Reference
- https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbs
- https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbs
Github
No PoCs found on GitHub currently.