CVE-2021-3787

{"id": "CVE-2021-3787", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "psirt@lenovo.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.5}]}, "published": "2021-11-12T22:15:08.163", "references": [{"url": "https://binatoneglobal.com/security-advisory/", "tags": ["Vendor Advisory"], "source": "psirt@lenovo.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "psirt@lenovo.com", "description": [{"lang": "en", "value": "CWE-256"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with local access to obtain the MQTT credentials that could result in unauthorized access to backend Hubble services."}, {"lang": "es", "value": "Se ha informado de una vulnerabilidad en algunas c\u00e1maras Binatone Hubble de la marca Motorola que podr\u00eda permitir a un atacante con acceso local obtener las credenciales MQTT que podr\u00edan resultar en un acceso no autorizado a los servicios backend de Hubble"}], "lastModified": "2022-10-27T16:42:44.243", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:halo\\+_camera_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF4488A5-47D6-41ED-9197-0544B095091A", "versionEndExcluding": "03.50.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:halo\\+_camera:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FF35A97E-FD84-471F-BAD5-4E7D1573F89E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAB7C8AB-A62A-4585-B6DA-868AB082542E", "versionEndExcluding": "03.40.02"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0A24AA60-4C10-4D6B-A5A0-2F26C72844E1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCE58D96-4FEC-4214-A164-E5BA7F5B2C29", "versionEndExcluding": "03.40.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "48B956E5-73D0-4286-95B0-BBCFD30E2F4A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0F3F208-93A5-4CFE-9F7B-E768F039C597"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2BB7A9FD-152B-4E09-826C-45AF1CAFE105"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0F3F208-93A5-4CFE-9F7B-E768F039C597"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80860B5A-DA27-47AD-83CC-4D8ECE938F05"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67C7BE1C-0F3F-4559-9100-94B2213DD516", "versionEndExcluding": "03.40.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19A8CE00-888A-4A11-BFE2-0A43FFAD7E82"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67C7BE1C-0F3F-4559-9100-94B2213DD516", "versionEndExcluding": "03.40.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "09EF4092-FBBF-4CC1-9DE6-4E7914BB7D9F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE722C2E-B7D0-44DA-A494-030B6A8CE465"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BEFB40A7-64F5-4057-A1C7-483D809F4DC9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39A98169-B314-4C02-B936-ECCC6A224CE1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "35A2752F-B339-4B61-874E-FDB063EE7468"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34F7D5B9-C1A9-484E-8339-AA2199FD2097"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "86D5680E-9746-405F-B257-6BE5F9457250"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5136037-CAE0-4C43-92B6-ED95D9D88EF3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "711AD353-9CC1-40F5-A4BB-6ED9C0EB4436"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E41C52F-8993-42EC-A7E7-21830663496B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62B80F89-A9CA-4CEA-8091-593FE73CA1DA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88CFF394-3622-4E86-BC47-D1050456FB66"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "96B06D2A-47A5-421F-980F-3E31AF89C4AA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F6BDA58-E9FD-4A4D-AC45-8E62C778247B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C01867E5-A3D4-486B-A49B-1A34E5AB61A9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13AC5EE6-C75D-46A5-A235-F653E7ABB6E0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8AE5C627-EDAB-4407-90C9-299C2E11969B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00E8AB8F-165B-4810-B52B-19B9B1BAD286"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D58F7A0E-6009-4D51-96B3-21774E94A4B5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "019A6C5F-61C5-48F6-B036-372347CB3EFA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6CED7B6B-A318-4956-8E9E-7E9F333F6849"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99E734BF-B4FB-46D4-B7D1-D1FBC4D8F59C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBB23100-4786-4343-97A6-BEE11176B730"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB6A5A5B-2E32-41D4-8077-0146ED2D5015"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9D8383CE-EFC9-48DF-98B5-25B37630EBB8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A367895E-0D4A-4634-97C1-AEEB4266D3D9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "496B82F4-9CBB-4F9D-9DFD-DFC1B21D3A7E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DEB4430-4E36-4D7E-800E-FFC81CA805FC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6DAAE13D-6EB2-4029-BC47-2E5D1F490FF2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC267B84-161F-4EE2-8E72-4820F7175B96"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B9316C7C-2041-4A1B-A296-4C06DB5E9F89"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D7AA6CF-7FEE-4ACE-9BD8-383BA30CCB3A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "00550EB3-E556-48AE-95FA-84F8B0E177C6"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@lenovo.com"}