Key Information Vulnerability Overview CVE Number: CVE-2022-31565 Report Number: TALOS-2022-2167 Product: Trenda AC6 V5.0 Firmware Vulnerability Type: Signature Validation firmware update vulnerability CVSS Score: 7.8 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) Vulnerability Details Firmware update validation function contains a vulnerability, allowing attackers to bypass signature verification using specially crafted malicious firmware packages. Affected Versions: Tested and confirmed vulnerable or acknowledged as vulnerable by vendor: - AC6_V5.0_20220429 - AC6_V5.0_20220505 - AC6_V5.0_20220512 - AC6_V5.0_20220519 - AC6_V5.0_20220526 Technical Details Firmware Header Structure Analysis: The firmware header contains multiple fields used to describe the firmware file and checksums. Checksum Calculation Logic: The device uses CRC checksums to validate firmware updates. A logical flaw in the code allows bypassing the verification. Timeline 2022-04-20: Cisco Vendor Contacted 2022-04-21: Initial Response Received 2022-05-08: Vendor Feedback Received 2022-05-12: Vulnerability Details Sent to Vendor 2022-05-27: Feedback from Vendor and Coordination of Disclosure Date 2022-06-01: Publicly Disclosed Timeline Set 2022-06-14: Talos Disclosure Date ``` This information provides key technical details and timeline regarding the firmware update signature validation vulnerability in Trenda AC6 V5.0, aiding in understanding the impact and remediation process.