CVE-2023-33468

9.1 CRITICAL

📋 TL;DR

This vulnerability allows remote attackers to extract connection confirmation codes from KramerAV VIA Connect (2) and VIA Go (2) devices without physical access to the screen. Attackers can then manipulate the device remotely, potentially gaining unauthorized control. Organizations using affected devices with versions prior to 4.0.1.1326 are at risk.

💻 Affected Systems

Products:
  • KramerAV VIA Connect (2)
  • KramerAV VIA Go (2)
Versions: All versions prior to 4.0.1.1326
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Devices are vulnerable in their default configuration when network accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete remote takeover of the device, enabling attackers to intercept communications, manipulate presentations, install malware, or use the device as an entry point into the network.

🟠 Likely Case

Unauthorized remote access to the device allowing manipulation of presentations, screen sharing, or device settings without legitimate user knowledge.

🟢 If Mitigated

Limited impact if devices are isolated on separate VLANs, have network access controls, and are monitored for unusual connection attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A public proof-of-concept on GitHub demonstrates remote extraction of the connection confirmation code. Exploitation requires network access to the device.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.0.1.1326 or later

Vendor Advisory: http://kramerav.com

Restart Required: Yes

Instructions:

1. Download firmware version 4.0.1.1326 or later from the KramerAV support portal.
2. Access the device web interface.
3. Navigate to System > Firmware Update.
4. Upload the firmware file.
5. Confirm the update and allow the device to restart.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate affected devices on separate VLANs with strict firewall rules limiting inbound connections.

Access Control Lists

all

Implement network ACLs to restrict which IP addresses can communicate with the devices.

🧯 If You Can't Patch

  • Disconnect devices from networks with internet access
  • Implement physical security controls to prevent unauthorized physical access to devices

🔍 How to Verify

Check if Vulnerable:

Check device firmware version via web interface at http://[device-ip]/system/info

Check Version:

curl -s http://[device-ip]/system/info | grep -i version

Verify Fix Applied:

Confirm firmware version is 4.0.1.1326 or higher in system information page
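
The version check above, as an added example (not vendor code and not part of the original page): it compares the reported firmware version against 4.0.1.1326 field by field as integers, since a plain string comparison ranks 4.0.1.999 above 4.0.1.1326. The function names and the sample response format are assumptions; the sample text is constructed.

```sh
#!/bin/sh
# Added example (not vendor code): numeric firmware version check for CVE-2023-33468.
FIXED_VERSION="4.0.1.1326"   # first fixed build, from this page

# Constructed sample of a /system/info response; the real format is an assumption.
SAMPLE_OLD='Model: VIA Connect
IP Address: 192.168.1.10
Firmware Version: 4.0.1.999'

# Print the first four-part version on a line mentioning "version"
# (same filter as the grep on this page, so the IP address line is skipped).
extract_version() {
    printf '%s\n' "$1" | grep -i version |
        grep -Eo '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Return 0 if $1 >= $2, comparing each dotted field as an integer.
# A string comparison would rank 4.0.1.999 above 4.0.1.1326.
version_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        if [ "$a" = "$fa" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$fb" ]; then b=""; else b=${b#*.}; fi
        fa=${fa:-0}; fb=${fb:-0}
        if [ "$fa" -gt "$fb" ]; then return 0; fi
        if [ "$fa" -lt "$fb" ]; then return 1; fi
    done
    return 0
}

# Print "patched <v>", "vulnerable <v>" or "unknown" for a response body.
via_status() {
    v=$(extract_version "$1") || v=""
    if [ -z "$v" ]; then echo "unknown"; return 0; fi
    if version_ge "$v" "$FIXED_VERSION"; then
        echo "patched $v"
    else
        echo "vulnerable $v"
    fi
}

via_status "$SAMPLE_OLD"
# Live use, with the endpoint given on this page:
#   via_status "$(curl -s "http://DEVICE_IP/system/info")"
```

Treat an "unknown" result as unverified rather than patched, and confirm the version in the web interface.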

📡 Detection & Monitoring

Log Indicators:

  • Unusual connection attempts to device management interface
  • Multiple failed authentication attempts followed by successful access

Network Indicators:

  • Unexpected outbound connections from device
  • Traffic to/from device on unusual ports

SIEM Query:

source_ip="device_ip" AND (event_type="authentication" OR event_type="connection") AND result="success"
