The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and performing a "jumbled up" calculation with this number.
References
Link | Resource |
---|---|
http://cybergibbons.com/alarms-2/multiple-serious-vulnerabilities-in-rsi-videofieds-alarm-protocol/ | Exploit |
https://www.kb.cert.org/vuls/id/792004 | Third Party Advisory US Government Resource |
Configurations
History
No history.
Information
Published : 2015-12-27 03:59
Updated : 2024-02-28 15:21
NVD link : CVE-2015-8252
Mitre link : CVE-2015-8252
CVE.ORG link : CVE-2015-8252
JSON object : View
Products Affected
rsi_video_technologies
- frontel_protocol
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor