FKIE_CVE-2019-9659
Vulnerability from fkie_nvd - Published: 2019-03-11 15:29 - Updated: 2024-11-21 04:52
Severity
Summary
The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control, allowing an attacker to arm, disarm, or trigger the alarm remotely via replay attacks, as demonstrated by Chuango branded products, and non-Chuango branded products such as the Eminent EM8617 OV2 Wifi Alarm System.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/RiieCco/write-ups/tree/master/CVE-2019-9659 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RiieCco/write-ups/tree/master/CVE-2019-9659 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:wifi_alarm_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B80ADC-00EE-448B-BEBB-71DD94E996C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:wifi_alarm_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44611F9D-70AC-4E48-8354-012C2ECFADCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:wifi\\/cellular_smart_home_system_h4_plus_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE061D9D-7165-4D77-9754-5CE5D72A5AA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:wifi\\/cellular_smart_home_system_h4_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18F33986-02BE-4432-B2B6-533268B349C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:awv_plus_wifi_alarm_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B928D182-1F5E-4737-9D78-5BA47C56DDD1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:awv_plus_wifi_alarm_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542967D5-1046-4986-AD09-E670CAF965FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:g5w_3g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0277B5-3ADE-4B28-915F-C1F7F56B7546",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:g5w_3g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFB1915-79B1-4C4B-99F0-E3842513D490",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:g5_plus_gsm\\/sms\\/rfid_touch_alarm_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04E7D9C8-AF36-4993-B96E-EEF51F33CD2B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:g5_plus_gsm\\/sms\\/rfid_touch_alarm_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B14A21B7-7616-4650-AA20-CC030C6227A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:g3_gsm\\/sms_alarm_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEAB8117-4951-47BD-8343-A8E8373EBE39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:g3_gsm\\/sms_alarm_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5F3111-1708-43AC-B023-CFC15CEC24AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:g5w_3g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0277B5-3ADE-4B28-915F-C1F7F56B7546",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:g5w_3g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFB1915-79B1-4C4B-99F0-E3842513D490",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:b11_dual-network_alarm_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "028CE8F9-8A5C-4FFB-928F-0D3C46AD2E4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:b11_dual-network_alarm_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75F01FFF-47A6-4042-BEC7-205E7EAD3D02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:a8_pstn_alarm_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42CFD52D-6D88-4C90-9E46-026CE4AF0624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:a8_pstn_alarm_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDDA44A-D74C-4B3A-A617-41130DA37C11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:a11_pstn\\/lcd\\/rfid_touch_alarm_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A78DF59F-75C5-4EFD-8A89-DFDBFAAABF5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:a11_pstn\\/lcd\\/rfid_touch_alarm_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "097E0DBA-4EB8-4E05-8A5C-EE73BEF48AC7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:chuango:cg-105s_on-site_alarm_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3495C003-1B3C-42AB-9616-1FD266A90A7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:chuango:cg-105s_on-site_alarm_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4814C26-3F89-4849-9E9E-485B5FC0BD68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:eminent:em8617_ov2_wifi_alarm_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F307DB70-72EF-4F92-89E5-C6FFDC1B59EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:eminent:em8617_ov2_wifi_alarm_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01959745-EAEC-4F61-85DD-68E6C81EB664",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control, allowing an attacker to arm, disarm, or trigger the alarm remotely via replay attacks, as demonstrated by Chuango branded products, and non-Chuango branded products such as the Eminent EM8617 OV2 Wifi Alarm System."
},
{
"lang": "es",
"value": "La l\u00ednea de alarmas de antirrobo de 433 MHz de Chuango utiliza c\u00f3digo est\u00e1tico en el control RF remoto, permitiendo a un atacante armar, desarmar, o desencadenar la alarma de manera remota mediante ataques de reproducci\u00f3n, tal y como queda demostrado con los productos Chuango patentados y sus dem\u00e1s productos como el sistema de alarmas por wifi EM8617 OV2."
}
],
"id": "CVE-2019-9659",
"lastModified": "2024-11-21T04:52:04.237",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-11T15:29:00.247",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/RiieCco/write-ups/tree/master/CVE-2019-9659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/RiieCco/write-ups/tree/master/CVE-2019-9659"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…