CVE-2021-3791 — MEDIUM (6.5)

Q: How severe is CVE-2021-3791?

CVE-2021-3791 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-3791?

Check the references section above for vendor advisories and patch information. Affected products include: Binatoneglobal Halo\+ Camera Firmware, Binatoneglobal Halo\+ Camera, Binatoneglobal Comfort 85 Connect Firmware, Binatoneglobal Comfort 85 Connect, Binatoneglobal Mbp3855 Firmware.

Vulnerability Description

An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same subnet to download an encrypted log file containing sensitive information such as WiFi SSID and password.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Binatoneglobal	Halo\+ Camera Firmware	< 03.50.14
Binatoneglobal	Halo\+ Camera	-
Binatoneglobal	Comfort 85 Connect Firmware	< 03.40.02
Binatoneglobal	Comfort 85 Connect	-
Binatoneglobal	Mbp3855 Firmware	< 03.40.00
Binatoneglobal	Mbp3855	-
Binatoneglobal	Focus 68 Firmware	-
Binatoneglobal	Focus 68	v100
Binatoneglobal	Focus 72R Firmware	< 03.40.00
Binatoneglobal	Focus 72R	v100
Binatoneglobal	Cn28 Firmware	-
Binatoneglobal	Cn28	-
Binatoneglobal	Cn50 Firmware	-
Binatoneglobal	Cn50	-
Binatoneglobal	Comfort 40 Firmware	-
Binatoneglobal	Comfort 40	-
Binatoneglobal	Comfort 50 Connect Firmware	-
Binatoneglobal	Comfort 50 Connect	-
Binatoneglobal	Mbp4855 Firmware	-
Binatoneglobal	Mbp4855	-

Related Weaknesses (CWE)

CWE-532

References

https://binatoneglobal.com/security-advisory/Vendor Advisory
https://binatoneglobal.com/security-advisory/Vendor Advisory

FAQ

What is CVE-2021-3791?

CVE-2021-3791 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same subnet to download an encrypted log file ...

How severe is CVE-2021-3791?

CVE-2021-3791 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-3791?

Check the references section above for vendor advisories and patch information. Affected products include: Binatoneglobal Halo\+ Camera Firmware, Binatoneglobal Halo\+ Camera, Binatoneglobal Comfort 85 Connect Firmware, Binatoneglobal Comfort 85 Connect, Binatoneglobal Mbp3855 Firmware.