Vulnerability Details CVE-2022-38161
The Gumstix Overo SBC on the VSKS board through 2022-08-09, as used on the Orlan-10 and other platforms, allows unrestricted remapping of the NOR flash memory containing the bitstream for the FPGA.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.3%
CVSS Severity
CVSS v3 Score 7.5
References
- https://github.com/subreption/birdwatch-report-1-repo
- https://subreption.com/downloads/reports/demystifying-the-orlan-10_opt.pdf
- https://subreption.com/press-releases/2022-birdwatch-first-report/
- https://github.com/subreption/birdwatch-report-1-repo
- https://subreption.com/downloads/reports/demystifying-the-orlan-10_opt.pdf
- https://subreption.com/press-releases/2022-birdwatch-first-report/