MidnightBSD

Advisories for teleadapt

CVE-2023-33742

TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Cleartext Storage of Sensitive Information: RSA private key in Update.exe.

Products Affected

Vendor Product Version
teleadapt roomcast_ta-2400_firmware *
CVE-2023-33743

TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Access Control; specifically, Android Debug Bridge (adb) is available.

Products Affected

Vendor Product Version
teleadapt roomcast_ta-2400_firmware *
CVE-2023-33744

TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password (PIN): 385521, 843646, and 592671.

Products Affected

Vendor Product Version
teleadapt roomcast_ta-2400_firmware *
CVE-2023-33745

TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Privilege Management: from the shell available after an adb connection, simply entering the su command provides root access (without requiring a password).

Products Affected

Vendor Product Version
teleadapt roomcast_ta-2400_firmware *