CVE-2023-2626

There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packets being allowed on the Thread network.
 This provides a pathway for an attacker to send/receive arbitrary IPv6 packets to devices on the LAN, potentially exploiting them if they lack additional authentication or contain any network vulnerabilities that would normally be mitigated by the home router’s NAT firewall. Effected devices have been mitigated through an automatic update beyond the affected range.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
ADJACENT_NETWORK
HIGH
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
googlenest_hub_max_firmware
10.20221207.2.109 ≤
𝑥
< 10.20221207.2.120
googlenest_hub_firmware
10.20221207.2.100038 ≤
𝑥
< 10.20221207.2.100042
googlewifi_firmware
14150.881.7 ≤
𝑥
< 14150.882.9
googlenest_wifi_point_firmware
1.56.1 ≤
𝑥
< 1.56.368671
googlenest_wifi_6e_firmware
1.59 ≤
𝑥
< 1.63.355999
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
googlenest_hub
10.20221207.2.100038 ≤
𝑥
< 10.20221207.2.100042
ADP
googlenest_wifi_6e
1.59 ≤
𝑥
< 1.63.355999
ADP
googlewifi
14150.881.7 ≤
𝑥
< 14150.882.9
ADP
googlenest_wifi_point
1.56.1 ≤
𝑥
< 1.56.368671
ADP
googlenest_hub_max
10.20221207.2.109 ≤
𝑥
< 10.20221207.2.120
ADP
Common Weakness Enumeration
References
https://support.google.com/product-documentation/answer/13588832?hl=en&ref_topic=12974021&sjid=7833436865896465963-NA#zippy=%2Cnest-wifi
https://support.google.com/product-documentation/answer/13588832?hl=en&ref_topic=12974021&sjid=7833436865896465963-NA#zippy=%2Cnest-wifi