Vulnerability identifier: #VU61207

Vulnerability risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-25213

CWE-ID: CWE-798

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
K2
Hardware solutions / Routers & switches, VoIP, GSM, etc
K3
Hardware solutions / Routers & switches, VoIP, GSM, etc
K3C
Hardware solutions / Routers & switches, VoIP, GSM, etc
K2 A7
Hardware solutions / Routers & switches, VoIP, GSM, etc
K2G A1
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: PHICOMM

Description

The vulnerability allows a local attacker to gain full access to vulnerable system.

The vulnerability exists due to improper access control and use of hard-coded credentials in /etc/passwd. An attacker with physical access can obtain a root shell via an unprotected UART port on the device.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

K2: 22.5.9.163

K3: 21.5.37.246

K3C: 32.1.15.93 - 33.1.25.177

K2 A7: 22.6.506.28

K2G A1: 22.6.3.20

---

External links
http://www.tenable.com/security/research/tra-2022-01

---

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.