Published:2024/01/23  Last Updated:2024/01/23

JVNVU#99896362
Yamaha wireless LAN access point devices vulnerable to active debug code

Overview

Multiple Yamaha wireless LAN access point devices provided by Yamaha Corporation contain a vulnerability where active debug code is available.

Products Affected

  • WLX222 firmware Rev.24.00.03 and earlier
  • WLX413 firmware Rev.22.00.05 and earlier
  • WLX212 firmware Rev.21.00.12 and earlier
  • WLX313 firmware Rev.18.00.12 and earlier
  • WLX202 firmware Rev.16.00.18 and earlier

Description

Active debug code (CWE-489) exists in wireless LAN access point devices provided by Yamaha Corporation.
The debug function can be enabled by performing specific operations.

Impact

A logged-in user who knows how to use the debug function can enable it by performing specific operations on the device's management page. As a result, an arbitrary OS command may be executed and/or the configuration settings of the device may be altered.

Solution

Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
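
To find which access points in an inventory still run an affected revision, the list under "Products Affected" can be checked mechanically. The following is an added example, not code from JVN or Yamaha; the `hostname,model,revision` inventory format, the function names and the sample data are assumptions.

```python
import re

# Highest affected revision per model, from "Products Affected" in this advisory.
AFFECTED_MAX = {
    "WLX222": (24, 0, 3),
    "WLX413": (22, 0, 5),
    "WLX212": (21, 0, 12),
    "WLX313": (18, 0, 12),
    "WLX202": (16, 0, 18),
}
REV_RE = re.compile(r"Rev\.(\d+)\.(\d+)\.(\d+)")

def parse_rev(text):
    """Return 'Rev.21.00.12' as the tuple (21, 0, 12), or None if unparseable."""
    m = REV_RE.search(text)
    return tuple(int(g) for g in m.groups()) if m else None

def classify(model, rev_text):
    """Return 'affected', 'not-affected', 'not-listed' or 'unknown'."""
    limit = AFFECTED_MAX.get(model.strip().upper())
    if limit is None:
        return "not-listed"   # model is not named in the advisory
    rev = parse_rev(rev_text)
    if rev is None:
        return "unknown"      # unreadable revision: check by hand, do not assume safe
    # Compare numerically per field, so 24.00.10 sorts after 24.00.03.
    return "affected" if rev <= limit else "not-affected"

def audit(inventory_text):
    """Map hostname -> status for 'hostname,model,revision' lines (assumed format)."""
    results = {}
    for line in inventory_text.splitlines():
        fields = [f.strip() for f in line.split(",")]
        if len(fields) != 3 or fields[0].startswith("#"):
            continue          # skip blank, comment and malformed lines
        results[fields[0]] = classify(fields[1], fields[2])
    return results

# Constructed sample: hostnames, the model WLX999 and the revisions are made up.
SAMPLE = """\
ap-lobby,WLX212,Rev.21.00.12
ap-floor2,WLX222,Rev.24.00.10
ap-lab,wlx413,Rev.22.00.04
ap-misc,WLX999,Rev.1.00.00
ap-store,WLX313,unreadable
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Devices reported as `unknown` or `not-listed` need a manual check against the developer's information rather than being treated as safe.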

Vendor Status

Vendor | Status | Last Update | Vendor Notes
Yamaha Corporation | Vulnerable | 2024/01/23 | Yamaha Corporation website

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score: 6.8
  • Attack Vector (AV): Adjacent (A)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): High (H)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality Impact (C): High (H)
  • Integrity Impact (I): High (H)
  • Availability Impact (A): High (H)

CVSS v2 AV:A/AC:L/Au:S/C:P/I:P/A:P
Base Score: 5.2
  • Access Vector (AV): Adjacent Network (A)
  • Access Complexity (AC): Low (L)
  • Authentication (Au): Single (S)
  • Confidentiality Impact (C): Partial (P)
  • Integrity Impact (I): Partial (P)
  • Availability Impact (A): Partial (P)

Credit

Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

CVE CVE-2024-22366