Vulnerability Description
Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact with the video output of the device.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amino | Ak45X Firmware | - |
| Amino | Ak45X | - |
| Amino | Ak5Xx Firmware | - |
| Amino | Ak5Xx | - |
| Amino | Ak65X Firmware | - |
| Amino | Ak65X | - |
| Amino | Aria6Xx Firmware | - |
| Amino | Aria6Xx | - |
| Amino | Aria7Xx Firmware | - |
| Amino | Aria7Xx | - |
| Amino | Kami7B Firmware | - |
| Amino | Kami7B | - |
Related Weaknesses (CWE)
References
- https://andre-oudhof.medium.com/pwning-my-isps-stbs-c5e78544274d#dda4ExploitThird Party Advisory
- https://andre-oudhof.medium.com/pwning-my-isps-stbs-c5e78544274d#dda4ExploitThird Party Advisory
FAQ
What is CVE-2020-10206?
CVE-2020-10206 is a vulnerability with a CVSS score of 4.4 (MEDIUM). Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact wi...
How severe is CVE-2020-10206?
CVE-2020-10206 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-10206?
Check the references section above for vendor advisories and patch information. Affected products include: Amino Ak45X Firmware, Amino Ak45X, Amino Ak5Xx Firmware, Amino Ak5Xx, Amino Ak65X Firmware.