Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker.
Pimax PiTool and Pimax Play applications listen for WebSocket connections but do not properly verify which endpoints are authorized to establish such a connection (CWE-923 β improper restriction of communication channel). An attacker with network access can establish a WebSocket connection without any authentication and send malicious commands to the vulnerable application, leading to arbitrary code execution on the victim's host.
A remote, unauthenticated attacker can execute arbitrary code on a machine with installed Pimax software, potentially resulting in complete system takeover, data theft, or malicious software installation.
Apply patches available from the manufacturer according to the references. Additionally, it is recommended to restrict network access to WebSocket ports used by Pimax applications using firewall or network rules, so that connections are possible only from trusted local hosts.
Pimax PiTool and Pimax Play β specific versions indicated in the manufacturer's references (https://pimax.com/pages/downloads-manuals and https://jvn.jp/en/jp/JVN50850706/)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HPimax Pitool
APPPimaxwszystkie wersjePimax Play
APPPimax< 1.21.01