漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
CleverDisplay BlueOne unauthorized BIOS access through physical USB keyboard
Vulnerability Description
The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed and inaccessible under normal operating conditions. Researchers demonstrated that, after cicumventing the device’s protective enclosure, it was possible to connect a USB keyboard and press ESC during boot to access the BIOS setup interface. BIOS settings could be viewed but not modified. This behavior slightly increases the attack surface by exposing internal system information (CWE-1244) once the enclosure is removed, but does not allow integrity or availability compromise under standard or tested configurations.
CVSS Information
N/A
Vulnerability Type
CWE-1244
Vulnerability Title
CleverDisplay BlueOne 安全漏洞
Vulnerability Description
CleverDisplay BlueOne是荷兰CleverDisplay公司的一款工业控制的嵌入式硬件设备。 CleverDisplay BlueOne存在安全漏洞,该漏洞源于USB接口物理封闭不当,可能导致暴露内部系统信息。
CVSS Information
N/A
Vulnerability Type
N/A