Vulnerability Description
Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest FUAA50000 wireless alarm system can easily be cloned and used to deactivate the alarm system in an unauthorized way.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Abus | Secvest Wireless Alarm System Fuaa50000 Firmware | 3.01.01 |
| Abus | Secvest Wireless Alarm System Fuaa50000 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/152714/ABUS-Secvest-3.01.01-Cryptographic-IExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2019/May/3ExploitMailing ListThird Party Advisory
- https://seclists.org/bugtraq/2019/May/1ExploitMailing ListThird Party Advisory
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-005.tExploitThird Party Advisory
- http://packetstormsecurity.com/files/152714/ABUS-Secvest-3.01.01-Cryptographic-IExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2019/May/3ExploitMailing ListThird Party Advisory
- https://seclists.org/bugtraq/2019/May/1ExploitMailing ListThird Party Advisory
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-005.tExploitThird Party Advisory
FAQ
What is CVE-2019-9861?
CVE-2019-9861 is a vulnerability with a CVSS score of 8.1 (HIGH). Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest FUAA50000 wireless alarm system can easily be cloned and used to deactivate t...
How severe is CVE-2019-9861?
CVE-2019-9861 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-9861?
Check the references section above for vendor advisories and patch information. Affected products include: Abus Secvest Wireless Alarm System Fuaa50000 Firmware, Abus Secvest Wireless Alarm System Fuaa50000.