Description
An issue was discovered on Momentum Axel 720P 5.1.8 devices. Root access can be obtained via UART pins without any restrictions, which leads to full system compromise.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf
Scores
CVSS v3
6.8
EPSS
0.0004
EPSS Percentile
13.1%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-732
Status
published
Products (1)
apollotechnologiesinc/momentum_axel_720p_firmware
5.1.8
Published
Jun 12, 2018
Tracked Since
Feb 18, 2026