Vulnerability Description
In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication between the hub and connected devices are not encrypted.
CVSS Score
8.1
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Insteon | Insteon Hub Firmware | <= 1012 |
| Insteon | Insteon Hub | - |
Related Weaknesses (CWE)
References
- https://blog.rapid7.com/2017/09/22/multiple-vulnerabilities-in-wink-and-insteon-Third Party Advisory
- https://blog.rapid7.com/2017/09/22/multiple-vulnerabilities-in-wink-and-insteon-Third Party Advisory
FAQ
What is CVE-2017-5251?
CVE-2017-5251 is a vulnerability with a CVSS score of 8.1 (HIGH). In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication between the hub and connected devices are not encrypted.
How severe is CVE-2017-5251?
CVE-2017-5251 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-5251?
Check the references section above for vendor advisories and patch information. Affected products include: Insteon Insteon Hub Firmware, Insteon Insteon Hub.