ID |
CVE-2019-9861
|
Summary |
Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest FUAA50000 wireless alarm system can easily be cloned and used to deactivate the alarm system in an unauthorized way. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 4.8 (as of 17-05-2019 - 12:58) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-310 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
ADJACENT_NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
NONE |
|
cvss-vector
via4
|
AV:A/AC:L/Au:N/C:P/I:P/A:N
|
refmap
via4
|
bugtraq | 20190503 [SYSS-2019-005]: ABUS Secvest - Proximity Key - Cryptographic Issues (CWE-310) | fulldisc | 20190504 [SYSS-2019-005]: ABUS Secvest - Proximity Key - Cryptographic Issues (CWE-310) | misc | |
|
Last major update |
17-05-2019 - 12:58 |
Published |
14-05-2019 - 17:29 |
Last modified |
17-05-2019 - 12:58 |