Impact
The Code27 Companion Hub model SQ3A.220705.003.A1 contains a flaw that lets an attacker who can physically reach the device execute arbitrary code through the USB debugging (ADB) interface. This vulnerability permits the execution of any command on the system, leading to full compromise of confidentiality, integrity, and availability. The weakness is classified as CWE‑1313, indicating that administrative functions are not properly restricted and can be accessed without sufficient authentication.
Affected Systems
Only the Code27 Companion Hub SQ3A.220705.003.A1 is listed as affected. No other product versions or vendors are specified, and the vulnerability is tied to physical proximity to the USB debugging port.
Risk and Exploitability
The CVSS score of 6.8 places this issue in the high to medium range, reflecting that the attack requires an attacker to be physically near the device and plug in a USB debug cable. No EPSS score is provided, and the vulnerability is not listed in the CISA KEV catalog, suggesting it is not widely exploited yet. The attack vector is a manual USB connection to the device's debugging interface, so the risk depends heavily on the physical security of the installation environment.
OpenCVE Enrichment