CVE-2022-36601

The Eclipse TCF debug interface in JasMiner-X4-Server-20220621-090907 and below is open on port 1534. This issue allows unauthenticated attackers to gain root privileges on the affected device and access sensitive data or execute arbitrary commands.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
jingleminingjasminer_x4_server_firmware
𝑥
≤ 20220621-090907
𝑥
= Vulnerable software versions
References
https://jamesachambers.com/cryptocurrency-asic-miners-security-and-hacking-audit/
https://jamesachambers.com/cryptocurrency-asic-miners-security-and-hacking-audit/