CVE-2024-41889 - Vulnerability Details - OpenCVE

Description

Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker.

Published: 2024-08-05

Score: 8.8 High

EPSS: 1.3% Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Pimax

Pimax Play

affected

Version	Status	Constraints
`prior to V1.21.01`	affected	—

Pimax

PiTool

affected

Version	Status	Constraints
`all versions`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:pimax:pitool:-:::::::*
	cpe:2.3:a:pimax:play::::::::

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.01334.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
https://github.com/OpenMAR/PiTool
https://jvn.jp/en/jp/JVN50850706/
https://pimax.com/pages/downloads-manuals

History

Fri, 30 Aug 2024 18:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		NVD-CWE-Other
CPEs		cpe:2.3:a:pimax:pitool:-:::::::*

Wed, 07 Aug 2024 19:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Pimax Pimax pitool Pimax play
Weaknesses		CWE-923
CPEs		cpe:2.3:a:pimax:pitool:::::::: cpe:2.3:a:pimax:play::::::::
Vendors & Products		Pimax Pimax pitool Pimax play
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Subscriptions

Pimax Pitool Play

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2024-08-05T04:36:27.107Z

Updated: 2024-08-07T18:43:04.676Z

Reserved: 2024-07-23T02:22:34.309Z

Link: CVE-2024-41889

Vulnrichment

Updated: 2024-08-07T18:42:55.787Z

NVD

Status : Analyzed

Published: 2024-08-05T05:15:39.697

Modified: 2024-08-30T17:53:40.897

Link: CVE-2024-41889

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41889", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2024-07-23T02:22:34.309Z", "datePublished": "2024-08-05T04:36:27.107Z", "dateUpdated": "2024-08-07T18:43:04.676Z"}, "containers": {"cna": {"affected": [{"vendor": "Pimax", "product": "Pimax Play", "versions": [{"version": "prior to V1.21.01", "status": "affected"}]}, {"vendor": "Pimax", "product": "PiTool", "versions": [{"version": "all versions", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker."}], "problemTypes": [{"descriptions": [{"description": "Improper restriction of communication channel to intended endpoints", "lang": "en", "type": "text"}]}], "references": [{"url": "https://pimax.com/pages/downloads-manuals"}, {"url": "https://github.com/OpenMAR/PiTool"}, {"url": "https://jvn.jp/en/jp/JVN50850706/"}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-08-05T04:36:27.107Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-923", "lang": "en", "description": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints"}]}], "affected": [{"vendor": "pimax", "product": "pitool", "cpes": ["cpe:2.3:a:pimax:pitool:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "pimax", "product": "play", "cpes": ["cpe:2.3:a:pimax:play:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.21.01", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-07T18:36:44.096526Z", "id": "CVE-2024-41889", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-07T18:43:04.676Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-41889", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-07T18:36:44.096526Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:pimax:pitool:*:*:*:*:*:*:*:*"], "vendor": "pimax", "product": "pitool", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:pimax:play:*:*:*:*:*:*:*:*"], "vendor": "pimax", "product": "play", "versions": [{"status": "affected", "version": "0", "lessThan": "1.21.01", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-923", "description": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-07T18:42:55.787Z"}}], "cna": {"affected": [{"vendor": "Pimax", "product": "Pimax Play", "versions": [{"status": "affected", "version": "prior to V1.21.01"}]}, {"vendor": "Pimax", "product": "PiTool", "versions": [{"status": "affected", "version": "all versions"}]}], "references": [{"url": "https://pimax.com/pages/downloads-manuals"}, {"url": "https://github.com/OpenMAR/PiTool"}, {"url": "https://jvn.jp/en/jp/JVN50850706/"}], "descriptions": [{"lang": "en", "value": "Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Improper restriction of communication channel to intended endpoints"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-08-05T04:36:27.107Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41889", "state": "PUBLISHED", "dateUpdated": "2024-08-07T18:43:04.676Z", "dateReserved": "2024-07-23T02:22:34.309Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2024-08-05T04:36:27.107Z", "assignerShortName": "jpcert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pimax:pitool:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBA58FE7-BB18-4C77-82CE-944A16269EA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:pimax:play:*:*:*:*:*:*:*:*", "matchCriteriaId": "27FB753D-1D9B-4AE3-95F0-C4156E3B5E45", "versionEndExcluding": "1.21.01", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker."}, {"lang": "es", "value": "Varios productos Pimax aceptan conexiones WebSocket desde endpoints no deseados. Si se aprovecha esta vulnerabilidad, un atacante remoto no autenticado puede ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2024-41889", "lastModified": "2024-08-30T17:53:40.897", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-08-05T05:15:39.697", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Product"], "url": "https://github.com/OpenMAR/PiTool"}, {"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/jp/JVN50850706/"}, {"source": "vultures@jpcert.or.jp", "tags": ["Product"], "url": "https://pimax.com/pages/downloads-manuals"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-923"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}