CVE-2021-3793 — MEDIUM (6.5)

Q: How severe is CVE-2021-3793?

CVE-2021-3793 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-3793?

Check the references section above for vendor advisories and patch information. Affected products include: Binatoneglobal Halo\+ Camera Firmware, Binatoneglobal Halo\+ Camera, Binatoneglobal Comfort 85 Connect Firmware, Binatoneglobal Comfort 85 Connect, Binatoneglobal Mbp3855 Firmware.

Vulnerability Description

An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware update with verified firmware.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Binatoneglobal	Halo\+ Camera Firmware	< 03.50.14
Binatoneglobal	Halo\+ Camera	-
Binatoneglobal	Comfort 85 Connect Firmware	< 03.40.02
Binatoneglobal	Comfort 85 Connect	-
Binatoneglobal	Mbp3855 Firmware	< 03.40.00
Binatoneglobal	Mbp3855	-
Binatoneglobal	Focus 68 Firmware	-
Binatoneglobal	Focus 68	v100
Binatoneglobal	Focus 72R Firmware	< 03.40.00
Binatoneglobal	Focus 72R	v100
Binatoneglobal	Cn28 Firmware	-
Binatoneglobal	Cn28	-
Binatoneglobal	Cn50 Firmware	-
Binatoneglobal	Cn50	-
Binatoneglobal	Comfort 40 Firmware	-
Binatoneglobal	Comfort 40	-
Binatoneglobal	Comfort 50 Connect Firmware	-
Binatoneglobal	Comfort 50 Connect	-
Binatoneglobal	Mbp4855 Firmware	-
Binatoneglobal	Mbp4855	-

Related Weaknesses (CWE)

CWE-424

References

https://binatoneglobal.com/security-advisory/Vendor Advisory
https://binatoneglobal.com/security-advisory/Vendor Advisory

FAQ

What is CVE-2021-3793?

CVE-2021-3793 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access adminis...

How severe is CVE-2021-3793?

CVE-2021-3793 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-3793?

Check the references section above for vendor advisories and patch information. Affected products include: Binatoneglobal Halo\+ Camera Firmware, Binatoneglobal Halo\+ Camera, Binatoneglobal Comfort 85 Connect Firmware, Binatoneglobal Comfort 85 Connect, Binatoneglobal Mbp3855 Firmware.