Vulnerability Description
The Chuango 433 MHz burglar-alarm product line is vulnerable to a Denial of Service attack. When the condition is triggered, the OV2 base station is unable to process sensor states and effectively prevents the alarm from setting off, as demonstrated by Chuango branded products, and non-Chuango branded products such as the Eminent EM8617 OV2 Wifi Alarm System.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chuango | H4 Plus Firmware | All versions |
| Chuango | H4 Plus | - |
| Chuango | Awv Plus Firmware | All versions |
| Chuango | Awv Plus | - |
| Chuango | G5W 3G Firmware | All versions |
| Chuango | G5W 3G | - |
| Chuango | G5 Plus Firmware | All versions |
| Chuango | G5 Plus | - |
| Chuango | G3 Firmware | All versions |
| Chuango | G3 | - |
| Chuango | G5W Firmware | All versions |
| Chuango | G5W | - |
| Chuango | B11 Firmware | All versions |
| Chuango | B11 | - |
| Chuango | A8 Firmware | All versions |
| Chuango | A8 | - |
| Chuango | A11 Firmware | All versions |
| Chuango | A11 | - |
| Chuango | Cg-105S Firmware | All versions |
| Chuango | Cg-105S | - |
References
- https://github.com/RiieCco/write-ups/tree/master/CVE-2019-11561Third Party Advisory
- https://github.com/RiieCco/write-ups/tree/master/CVE-2019-11561Third Party Advisory
FAQ
What is CVE-2019-11561?
CVE-2019-11561 is a vulnerability with a CVSS score of 5.9 (MEDIUM). The Chuango 433 MHz burglar-alarm product line is vulnerable to a Denial of Service attack. When the condition is triggered, the OV2 base station is unable to process sensor states and effectively pre...
How severe is CVE-2019-11561?
CVE-2019-11561 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-11561?
Check the references section above for vendor advisories and patch information. Affected products include: Chuango H4 Plus Firmware, Chuango H4 Plus, Chuango Awv Plus Firmware, Chuango Awv Plus, Chuango G5W 3G Firmware.