CVE-2024-22727

Teltonika TRB1-series devices with firmware before TRB1_R_00.07.05.2 allow attackers to exploit a firmware vulnerability via Ethernet LAN or USB.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.3 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
CISA-ADPADP
8.3 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
teltonikatrb140_firmware
𝑥
< 00.07.05.2
teltonikatrb141_firmware
𝑥
< 00.07.05.2
teltonikatrb142_firmware
𝑥
< 00.07.05.2
teltonikatrb143_firmware
𝑥
< 00.07.05.2
teltonikatrb145_firmware
𝑥
< 00.07.05.2
𝑥
= Vulnerable software versions
References
https://teltonika-networks.com/newsroom/critical-security-update-for-trb1-series-gateways
https://teltonika-networks.com/newsroom/critical-security-update-for-trb1-series-gateways