CVE-2022-29948 — MEDIUM (4.6)

Q: How severe is CVE-2022-29948?

CVE-2022-29948 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-29948?

Check the references section above for vendor advisories and patch information. Affected products include: Lepin Ep-Kp001 Project Lepinep-Kp001 Firmware, Lepin Ep-Kp001 Project Lepin Ep-Kp001.

Vulnerability Description

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001_V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode (6 to 14 digits) via the keypad and pressing the Unlock button. This authentication is performed by an unknown microcontroller. By replacing this microcontroller on a target device with one from an attacker-controlled Lepin EP-KP001 whose passcode is known, it is possible to successfully unlock the target device and read the stored data in cleartext.

CVSS Score

4.6

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Lepin Ep-Kp001 Project	Lepinep-Kp001 Firmware	<= kp001_v19
Lepin Ep-Kp001 Project	Lepin Ep-Kp001	-

References

http://packetstormsecurity.com/files/167550/Lepin-EP-KP001-KP001_V19-AuthenticatExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2022/Jun/27ExploitMailing ListThird Party Advisory
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-024.tExploitThird Party Advisory
http://packetstormsecurity.com/files/167550/Lepin-EP-KP001-KP001_V19-AuthenticatExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2022/Jun/27ExploitMailing ListThird Party Advisory
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-024.tExploitThird Party Advisory

FAQ

What is CVE-2022-29948?

CVE-2022-29948 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Due to an insecure design, the Lepin EP-KP001 flash drive through KP001_V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Norma...

How severe is CVE-2022-29948?

CVE-2022-29948 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-29948?

Check the references section above for vendor advisories and patch information. Affected products include: Lepin Ep-Kp001 Project Lepinep-Kp001 Firmware, Lepin Ep-Kp001 Project Lepin Ep-Kp001.