CVE-2023-2626: Authentication Bypass in OpenThread Boarder Router devices
First published: Tue Jul 25 2023(Updated: )
There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packets being allowed on the Thread network. This provides a pathway for an attacker to send/receive arbitrary IPv6 packets to devices on the LAN, potentially exploiting them if they lack additional authentication or contain any network vulnerabilities that would normally be mitigated by the home router’s NAT firewall. Effected devices have been mitigated through an automatic update beyond the affected range.
Credit: cve-coordination@google.com cve-coordination@google.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Nest Hub Max Firmware | >=10.20221207.2.109<10.20221207.2.120 | |
| Google Nest Hub Max | ||
| Google Nest Hub Firmware | >=10.20221207.2.100038<10.20221207.2.100042 | |
| Google Nest Hub | ||
| Google Wifi Firmware | >=14150.881.7<14150.882.9 | |
| Google Wifi | ||
| Google Nest Wifi Point Firmware | >=1.56.1<1.56.368671 | |
| Google Nest Wifi Point | ||
| Google Nest Wifi 6e Firmware | >=1.59<1.63.355999 | |
| Google Nest Wifi 6e | ||
| All of | ||
| Google Nest Hub Max | ||
| Google Nest Hub Max Firmware | >=10.20221207.2.109<10.20221207.2.120 | |
| All of | ||
| Google Nest Hub | ||
| Google Nest Hub Firmware | >=10.20221207.2.100038<10.20221207.2.100042 | |
| All of | ||
| Google Wifi | ||
| Google Wifi Firmware | >=14150.881.7<14150.882.9 | |
| All of | ||
| Google Nest Wifi Point | ||
| Google Nest Wifi Point Firmware | >=1.56.1<1.56.368671 | |
| All of | ||
| Google Nest Wifi 6e | ||
| Google Nest Wifi 6e Firmware | >=1.59<1.63.355999 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-2626?
CVE-2023-2626 has a severity rating of 8.8 (high).
Which devices are affected by CVE-2023-2626?
OpenThread border router devices and Google Nest Hub Max Firmware, Google Nest Hub Firmware, Google Wifi Firmware, Google Nest Wifi Point Firmware, and Google Nest Wifi 6e Firmware are affected by CVE-2023-2626.
How does CVE-2023-2626 work?
CVE-2023-2626 allows unauthenticated nodes to use a special mode with a static encryption key to bypass security checks, resulting in arbitrary IP packets.
Is Google Nest Hub Max vulnerable to CVE-2023-2626?
Google Nest Hub Max is vulnerable to CVE-2023-2626 if it is running a firmware version between 10.20221207.2.109 and 10.20221207.2.120.
How can I fix CVE-2023-2626?
To fix CVE-2023-2626, it is recommended to update the firmware of the affected devices to a version that is not vulnerable.
- collector/nvd-latest
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/references
- agent/description
- agent/event
- agent/first-publish-date
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/google
- canonical/google nest hub max firmware
- version/google nest hub max firmware/10.20221207.2.109
- canonical/google nest hub max
- canonical/google nest hub firmware
- version/google nest hub firmware/10.20221207.2.100038
- canonical/google nest hub
- canonical/google wifi firmware
- version/google wifi firmware/14150.881.7
- canonical/google wifi
- canonical/google nest wifi point firmware
- version/google nest wifi point firmware/1.56.1
- canonical/google nest wifi point
- canonical/google nest wifi 6e firmware
- version/google nest wifi 6e firmware/1.59
- canonical/google nest wifi 6e