CVE-2019-9862

{"id": "CVE-2019-9862", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2019-03-27T14:29:02.097", "references": [{"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-035.txt", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-035.txt", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-311"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction with Secvest remote control FUBE50014 or FUBE50015. Because \"encrypted signal transmission\" is missing, an attacker is able to eavesdrop sensitive data as cleartext (for instance, the current rolling code state)."}, {"lang": "es", "value": "Se ha descubierto un problema en el sistema de alarma inal\u00e1mbrica ABUS Secvest FUAA50000 3.01.01, junto con el control remoto Secvest FUBE50014 o FUBE50015. Debido a la falta de la \"transmisi\u00f3n de se\u00f1al cifrada\", un atacante puede espiar datos sensibles en texto claro (por ejemplo, el estado actual del c\u00f3digo evolutivo)."}], "lastModified": "2024-11-21T04:52:27.657", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abus:secvest_wireless_alarm_system_fuaa50000_firmware:3.01.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C5A31E7-5281-4EDC-9CC5-A887857BB6B7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abus:secvest_wireless_alarm_system_fuaa50000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CD534B70-3FA6-4712-A30E-A9BEEB9A91CB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abus:secvest_wireless_remote_control_fube50014_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36446080-FC7A-40C4-B3FA-E431B7208B54"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abus:secvest_wireless_remote_control_fube50014:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FE991250-A833-4D6D-9CAE-8802C81917E5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abus:secvest_wireless_remote_control_fube50015_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9837869E-A954-4E05-B8FA-FF4D41B45E0E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abus:secvest_wireless_remote_control_fube50015:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FF0E3110-7E9E-4FE2-9611-78B4D9819927"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}