Improper authorization in VGo Celia - CVE-2018-17933
Published: October 19, 2018
Vulnerability identifier: #VU15427
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-17933
CWE-ID: CWE-285
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Vecna Technologies
Affected software:
VGo Celia
VGo Celia
Detailed vulnerability description
The vulnerability allows an adjacent attacker to bypass authorization on the target system.
The weakness exists in the XMPP client due to improper authorization. An adjacent attacker can access telepresence robot's internal functions and execute arbitrary commands.
The weakness exists in the XMPP client due to improper authorization. An adjacent attacker can access telepresence robot's internal functions and execute arbitrary commands.
How to mitigate CVE-2018-17933
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.