#VU80878 Time-of-check Time-of-use (TOCTOU) Race Condition in Hardware solutions


Published: 2023-09-19

Vulnerability identifier: #VU80878

Vulnerability risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-24351

CWE-ID: CWE-367

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
RUGGEDCOM APE1808 ADM
Hardware solutions / Firmware
RUGGEDCOM APE1808 ADM CC
Hardware solutions / Firmware
RUGGEDCOM APE1808 CKP
Hardware solutions / Firmware
RUGGEDCOM APE1808 CKP CC
Hardware solutions / Firmware
RUGGEDCOM APE1808 CLOUDCONNECT
Hardware solutions / Firmware
RUGGEDCOM APE1808 CLOUDCONNECT CC
Hardware solutions / Firmware
RUGGEDCOM APE1808 ELAN
Hardware solutions / Firmware
RUGGEDCOM APE1808 ELAN CC
Hardware solutions / Firmware
RUGGEDCOM APE1808 SAM-L
Hardware solutions / Firmware
RUGGEDCOM APE1808 SAM-L CC
Hardware solutions / Firmware
RUGGEDCOM APE1808CLA-P
Hardware solutions / Firmware
RUGGEDCOM APE1808CLA-P CC
Hardware solutions / Firmware
RUGGEDCOM APE1808CLA-S1
Hardware solutions / Firmware
RUGGEDCOM APE1808CLA-S1 CC
Hardware solutions / Firmware
RUGGEDCOM APE1808CLA-S3
Hardware solutions / Firmware
RUGGEDCOM APE1808CLA-S3 CC
Hardware solutions / Firmware
RUGGEDCOM APE1808CLA-S5
Hardware solutions / Firmware
RUGGEDCOM APE1808CLA-S5 CC
Hardware solutions / Firmware
RUGGEDCOM APE1808LNX
Hardware solutions / Firmware
RUGGEDCOM APE1808LNX CC
Hardware solutions / Firmware
RUGGEDCOM APE1808W10
Hardware solutions / Firmware
RUGGEDCOM APE1808W10 CC
Hardware solutions / Firmware

Vendor:

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to a time-of-check, time-of-use (TOCTOU) race condition. A local attacker can alter data and code used by the remainder of the boot process.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://cert-portal.siemens.com/productcert/txt/ssa-957369.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Dell Client Platform update for INSYDE UEFI BIOS
Multiple vulnerabilities in Siemens RUGGEDCOM APE1808 Product Family