Skip to main content

CWE-1313

Hardware Allows Activation of Test or Debug Logic at Runtime

1 CVEs Avg CVSS 6.8 MITRE
0
CRITICAL
0
HIGH
1
MEDIUM
0
LOW
1
POC
0
KEV

Monthly

CVE-2026-36027 MEDIUM POC This Month

Arbitrary code execution on Code27 Companion Hub (firmware SQ3A.220705.003.A1) is achievable by a physically proximate attacker through improper access controls on the device's USB debugging (ADB) interface. The Android Debug Bridge component fails to enforce adequate restrictions, allowing an unauthenticated attacker with physical USB access to execute arbitrary commands at elevated privilege. A publicly available proof-of-concept exploit exists on GitHub, and SSVC assessment rates the technical impact as total despite no confirmed active exploitation in the wild.

RCE Google N A
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.3%
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Arbitrary code execution on Code27 Companion Hub (firmware SQ3A.220705.003.A1) is achievable by a physically proximate attacker through improper access controls on the device's USB debugging (ADB) interface. The Android Debug Bridge component fails to enforce adequate restrictions, allowing an unauthenticated attacker with physical USB access to execute arbitrary commands at elevated privilege. A publicly available proof-of-concept exploit exists on GitHub, and SSVC assessment rates the technical impact as total despite no confirmed active exploitation in the wild.

RCE Google N A
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy