| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-12389 | 5.0 |
Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010.
|
24-08-2020 - 17:37 | 02-12-2019 - 17:15 | |
| CVE-2019-12390 | 5.0 |
Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this information without credentials via port tcp/5010.
|
24-08-2020 - 17:37 | 02-12-2019 - 17:15 | |
| CVE-2019-12388 | 5.0 |
Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010.
|
24-08-2020 - 17:37 | 02-12-2019 - 17:15 | |
| CVE-2019-12392 | 7.5 |
Anviz access control devices allow remote attackers to issue commands without a password.
|
24-08-2020 - 17:37 | 02-12-2019 - 17:15 | |
| CVE-2019-12518 | 10.0 |
Anviz CrossChex access control management software 4.3.8.0 and 4.3.12 is vulnerable to a buffer overflow vulnerability.
|
13-02-2020 - 18:15 | 02-12-2019 - 17:15 | |
| CVE-2019-12394 | 7.5 |
Anviz access control devices allow unverified password change which allows remote attackers to change the administrator password without prior authentication.
|
12-12-2019 - 18:13 | 02-12-2019 - 17:15 | |
| CVE-2019-12393 | 5.0 |
Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests.
|
12-12-2019 - 17:56 | 02-12-2019 - 17:15 | |
| CVE-2019-12391 | 5.0 |
The Anviz Management System for access control has insufficient logging for device events such as door open requests.
|
12-12-2019 - 17:39 | 02-12-2019 - 17:15 |