1. Home
  2. CVE Database
  3. CVE-2019-15911
CRITICAL · 9.8

CVE-2019-15911

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive...

Vulnerability Description

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart home devices, and tamper with messages.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
AsusHg100 Firmware-
AsusHg100-
AsusMw100 Firmware-
AsusMw100-
AsusWs-101 Firmware-
AsusWs-101-
AsusTs-101 Firmware-
AsusTs-101-
AsusAs-101 Firmware-
AsusAs-101-
AsusMs-101 Firmware-
AsusMs-101-
AsusDl-101 Firmware-
AsusDl-101-

Related Weaknesses (CWE)

CWE-319

References

FAQ

What is CVE-2019-15911?

CVE-2019-15911 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive...

How severe is CVE-2019-15911?

CVE-2019-15911 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-15911?

Check the references section above for vendor advisories and patch information. Affected products include: Asus Hg100 Firmware, Asus Hg100, Asus Mw100 Firmware, Asus Mw100, Asus Ws-101 Firmware.