Vulnerability Description
An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction with Secvest remote control FUBE50014 or FUBE50015. Because "encrypted signal transmission" is missing, an attacker is able to eavesdrop sensitive data as cleartext (for instance, the current rolling code state).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Abus | Secvest Wireless Alarm System Fuaa50000 Firmware | 3.01.01 |
| Abus | Secvest Wireless Alarm System Fuaa50000 | - |
| Abus | Secvest Wireless Remote Control Fube50014 Firmware | - |
| Abus | Secvest Wireless Remote Control Fube50014 | - |
| Abus | Secvest Wireless Remote Control Fube50015 Firmware | - |
| Abus | Secvest Wireless Remote Control Fube50015 | - |
Related Weaknesses (CWE)
References
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-035.tExploitThird Party Advisory
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-035.tExploitThird Party Advisory
FAQ
What is CVE-2019-9862?
CVE-2019-9862 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction with Secvest remote control FUBE50014 or FUBE50015. Because "encrypted signal transmission" is missing, a...
How severe is CVE-2019-9862?
CVE-2019-9862 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-9862?
Check the references section above for vendor advisories and patch information. Affected products include: Abus Secvest Wireless Alarm System Fuaa50000 Firmware, Abus Secvest Wireless Alarm System Fuaa50000, Abus Secvest Wireless Remote Control Fube50014 Firmware, Abus Secvest Wireless Remote Control Fube50014, Abus Secvest Wireless Remote Control Fube50015 Firmware.