| |
Vulnerability CVE-2019-15911
Published: 2019-12-20
Description: |
An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart home devices, and tamper with messages. |
Type:
CWE-319 (Cleartext Transmission of Sensitive Information)
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.5/10 |
6.4/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15911.md
|
|
|
Copyright 2024, cxsecurity.com
|
|
|