Vulnerability Description
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections.
CVSS Score
6.8
MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | Blink Xt2 Sync Module Firmware | < 2.13.11 |
| Amazon | Blink Xt2 Sync Module | - |
Related Weaknesses (CWE)
References
- https://www.tenable.com/security/research/tra-2019-51ExploitThird Party Advisory
- https://www.tenable.com/security/research/tra-2019-51ExploitThird Party Advisory
FAQ
What is CVE-2019-3983?
CVE-2019-3983 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections.
How severe is CVE-2019-3983?
CVE-2019-3983 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-3983?
Check the references section above for vendor advisories and patch information. Affected products include: Amazon Blink Xt2 Sync Module Firmware, Amazon Blink Xt2 Sync Module.