CVE-2013-4874

Published: Jul 18, 2013Modified: Apr 29, 2026

6.2

Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Exploitability: 1.9 / Impact: 10.0

Source: NVD

Description

The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC4 allows physically proximate attackers to obtain root access by connecting a crafted HDMI cable and using a sys session to modify the ramboot environment variable.

Affected (1)

Products: Verizon: Wireless Network Extender

Verizon

1 product

Wireless Network Extender

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Verizon Wireless Network Extender	Version scs-26uc4

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

http://www.kb.cert.org/vuls/id/458007

Source: cve@mitre.org

US Government Resource

http://www.kb.cert.org/vuls/id/BLUU-997M5B

Source: cve@mitre.org

US Government Resource

http://www.securityfocus.com/bid/61169

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/458007

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.kb.cert.org/vuls/id/BLUU-997M5B

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.securityfocus.com/bid/61169

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.