Vulnerability Description
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Atisystem | Hpss16 Firmware | - |
| Atisystem | Hpss16 | - |
| Atisystem | Hpss32 Firmware | - |
| Atisystem | Hpss32 | - |
| Atisystem | Mhpss Firmware | - |
| Atisystem | Mhpss | - |
| Atisystem | Alert4000 Firmware | - |
| Atisystem | Alert4000 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/103721Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-100-01MitigationThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/103721Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-100-01MitigationThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-8864?
CVE-2018-8864 is a vulnerability with a CVSS score of 3.1 (LOW). In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio tran...
How severe is CVE-2018-8864?
CVE-2018-8864 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-8864?
Check the references section above for vendor advisories and patch information. Affected products include: Atisystem Hpss16 Firmware, Atisystem Hpss16, Atisystem Hpss32 Firmware, Atisystem Hpss32, Atisystem Mhpss Firmware.