Description
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the physical screen.
Related CPE's
Vulnerable
Vulnerable
References
Not Applicable
https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2023-33468
ExploitThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.1 · Critical
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2023-08-09T20:15:10.357
1 year agoLast modified
2023-08-16T18:03:44.977
1 year ago