CVE-2023-6321 - Vulnerability Details - OpenCVE

A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Owletcare	Cam Cam 2 Cam 2 Firmware Cam Firmware
Throughtek	Kalay Platform

Configuration 1 [-]

AND

cpe:2.3:o:owletcare:cam_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:owletcare:cam:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:owletcare:cam_2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:owletcare:cam_2:-:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:a:throughtek:kalay_platform:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/

History

Tue, 11 Feb 2025 22:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Owletcare Owletcare cam Owletcare cam 2 Owletcare cam 2 Firmware Owletcare cam Firmware Throughtek Throughtek kalay Platform
Weaknesses		CWE-77
CPEs		cpe:2.3:a:throughtek:kalay_platform:-:::::::* cpe:2.3:h:owletcare:cam:-:::::::* cpe:2.3:h:owletcare:cam_2:-:::::::* cpe:2.3:o:owletcare:cam_2_firmware:::::::: cpe:2.3:o:owletcare:cam_firmware::::::::
Vendors & Products		Owletcare Owletcare cam Owletcare cam 2 Owletcare cam 2 Firmware Owletcare cam Firmware Throughtek Throughtek kalay Platform

MITRE

Status: PUBLISHED

Assigner: Bitdefender

Published: 2024-05-15T12:07:44.554Z

Updated: 2024-08-02T08:28:21.329Z

Reserved: 2023-11-27T14:22:33.541Z

Link: CVE-2023-6321

Vulnrichment

Updated: 2024-08-02T08:28:21.329Z

NVD

Status : Analyzed

Published: 2024-05-15T13:15:25.230

Modified: 2025-02-11T21:32:39.830

Link: CVE-2023-6321

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6321", "assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "state": "PUBLISHED", "assignerShortName": "Bitdefender", "dateReserved": "2023-11-27T14:22:33.541Z", "datePublished": "2024-05-15T12:07:44.554Z", "dateUpdated": "2024-08-02T08:28:21.329Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Cam v2", "vendor": "Owlet", "versions": [{"lessThan": "4.2.10", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Cam v1", "vendor": "Owlet", "versions": [{"lessThan": "4.2.11", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Alexandru Lazar"}, {"lang": "en", "type": "finder", "value": "Radu Basaraba"}], "datePublic": "2024-05-15T12:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div><p>A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability. </p></div></div>"}], "value": "A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability."}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "shortName": "Bitdefender", "dateUpdated": "2024-05-15T12:07:44.554Z"}, "references": [{"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"}], "source": {"discovery": "UNKNOWN"}, "title": "Owlet Camera OS command injection", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "owlet", "product": "cam_v2", "cpes": ["cpe:2.3:a:owlet:cam_v2:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "4.2.10", "versionType": "custom"}]}, {"vendor": "owlet", "product": "cam_v1", "cpes": ["cpe:2.3:a:owlet:cam_v1:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "4.2.11", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-15T15:37:34.617442Z", "id": "CVE-2023-6321", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T13:04:03.509Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:21.329Z"}, "title": "CVE Program Container", "references": [{"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:21.329Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6321", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-15T15:37:34.617442Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:owlet:cam_v2:*:*:*:*:*:*:*:*"], "vendor": "owlet", "product": "cam_v2", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.10", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:owlet:cam_v1:*:*:*:*:*:*:*:*"], "vendor": "owlet", "product": "cam_v1", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.11", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-15T15:44:04.158Z"}}], "cna": {"title": "Owlet Camera OS command injection", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Alexandru Lazar"}, {"lang": "en", "type": "finder", "value": "Radu Basaraba"}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Owlet", "product": "Cam v2", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.10", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Owlet", "product": "Cam v1", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.11", "versionType": "custom"}], "defaultStatus": "unaffected"}], "datePublic": "2024-05-15T12:00:00.000Z", "references": [{"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "<div><div><p>A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability. </p></div></div>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "shortName": "Bitdefender", "dateUpdated": "2024-05-15T12:07:44.554Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6321", "state": "PUBLISHED", "dateUpdated": "2024-08-02T08:28:21.329Z", "dateReserved": "2023-11-27T14:22:33.541Z", "assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "datePublished": "2024-05-15T12:07:44.554Z", "assignerShortName": "Bitdefender"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:owletcare:cam_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C11F124-BEE1-4FAF-9BD6-CA0BC81AF56C", "versionEndExcluding": "4.2.11", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:owletcare:cam:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8A54D2C-9F78-4B06-B5CD-3DBE54F031BF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:owletcare:cam_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "167A51A1-6B23-45B2-9038-A8A65966EB83", "versionEndExcluding": "4.2.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:owletcare:cam_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9E25B26-657F-4953-B06E-E70F9D397888", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:throughtek:kalay_platform:-:*:*:*:*:*:*:*", "matchCriteriaId": "4176E066-18DF-47D7-8604-2596C2F37EB6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en el IOCTL que administra las actualizaciones OTA. Un comando especialmente manipulado puede llevar a la ejecuci\u00f3n del comando como usuario root. Un atacante puede realizar solicitudes autenticadas para desencadenar esta vulnerabilidad."}], "id": "CVE-2023-6321", "lastModified": "2025-02-11T21:32:39.830", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "cve-requests@bitdefender.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-15T13:15:25.230", "references": [{"source": "cve-requests@bitdefender.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"}], "sourceIdentifier": "cve-requests@bitdefender.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "cve-requests@bitdefender.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}]}