CVE-2023-27746
Published: 13 April 2023
Summary
CVE-2023-27746 is a critical-severity Improper Restriction of Excessive Authentication Attempts (CWE-307) vulnerability in Blackvue Dr750-2Ch Lte Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 6.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
BlackVue DR750-2CH LTE firmware version 1.012_2022.10.26 contains a weak default WPA2 passphrase that is susceptible to offline brute-force attacks once an attacker captures the four-way handshake. The issue is tracked as CVE-2023-27746 with a CVSS 3.1 score of 9.8 and is associated with CWE-307.
An attacker positioned on the same network or within radio range can intercept the WPA2 handshake and recover the passphrase through brute force, after which they obtain full network access to the dashcam and any connected systems. Because authentication attempts occur offline, rate limiting on the device provides no protection.
The EPSS score for this vulnerability has remained flat at 0.1011 with no material increase since disclosure. Public references consist primarily of vendor product pages and third-party GitHub repositories documenting the finding; no vendor advisory or firmware update addressing the default passphrase is referenced in the available sources.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-31482
Vulnerability details
BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
This control directly enforces limits on consecutive invalid logon attempts and automatic response (e.g., lockout) to prevent brute-force exploitation of authentication mechanisms.
Specific conditions can include excessive failed attempts, triggering stronger authentication that restricts brute-force exploitation.