ID

VAR-202111-0509


CVE

CVE-2021-3793


TITLE

plural  Motorola-branded Binatone Hubble  Vulnerability in camera

Trust: 0.8

sources: JVNDB: JVNDB-2021-014945

DESCRIPTION

An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware update with verified firmware. plural Motorola-branded Binatone Hubble The camera has an unspecified vulnerability.Information may be obtained. Binatone Motorola-branded Camera is a Motorola-branded camera produced by Binatone authorized by Binatone

Trust: 2.16

sources: NVD: CVE-2021-3793 // JVNDB: JVNDB-2021-014945 // CNVD: CNVD-2022-77543

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-77543

AFFECTED PRODUCTS

vendor:binatoneglobalmodel:cn28scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:cn75scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:mbp4855scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:cn50scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:mbp3667scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:connect view 65scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:focus 72rscope:ltversion:03.40.00

Trust: 1.0

vendor:binatoneglobalmodel:halo\+ camerascope:ltversion:03.50.14

Trust: 1.0

vendor:binatoneglobalmodel:connect 20scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:lux 64scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:mbp3855scope:ltversion:03.40.00

Trust: 1.0

vendor:binatoneglobalmodel:lux 65scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:comfort 85 connectscope:ltversion:03.40.02

Trust: 1.0

vendor:binatoneglobalmodel:cn40scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:comfort 40scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:focus 68scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:comfort 50 connectscope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:ease44scope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:lux 85 connectscope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:mbp669 connectscope:eqversion: -

Trust: 1.0

vendor:binatoneglobalmodel:mbp6855scope:eqversion: -

Trust: 1.0

vendor:binatone globalmodel:comfort 50 connectscope: - version: -

Trust: 0.8

vendor:binatone globalmodel:comfort 40scope: - version: -

Trust: 0.8

vendor:binatone globalmodel:cn28scope: - version: -

Trust: 0.8

vendor:binatone globalmodel:cn50scope: - version: -

Trust: 0.8

vendor:binatone globalmodel:mbp3855scope: - version: -

Trust: 0.8

vendor:binatone globalmodel:halo+ カメラscope: - version: -

Trust: 0.8

vendor:binatone globalmodel:mbp4855scope: - version: -

Trust: 0.8

vendor:binatone globalmodel:focus 72rscope: - version: -

Trust: 0.8

vendor:binatone globalmodel:comfort 85 connectscope: - version: -

Trust: 0.8

vendor:binatone globalmodel:focus 68scope: - version: -

Trust: 0.8

vendor:binatonemodel:motorola-branded camerascope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2022-77543 // JVNDB: JVNDB-2021-014945 // NVD: CVE-2021-3793

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-3793
value: MEDIUM

Trust: 1.0

psirt@lenovo.com: CVE-2021-3793
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-3793
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2022-77543
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202111-1180
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2021-3793
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2022-77543
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-3793
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

psirt@lenovo.com: CVE-2021-3793
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.5
version: 3.1

Trust: 1.0

NVD: CVE-2021-3793
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-77543 // JVNDB: JVNDB-2021-014945 // CNNVD: CNNVD-202111-1180 // NVD: CVE-2021-3793 // NVD: CVE-2021-3793

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-424

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-014945 // NVD: CVE-2021-3793

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202111-1180

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202111-1180

PATCH

title:Binatone Motorola-branded Camera Vulnerabilitiesurl:https://binatoneglobal.com/security-advisory/

Trust: 0.8

title:Patch for Binatone Motorola-branded Camera Access Control Error Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/360866

Trust: 0.6

title:Binatone Motorola-branded Camera Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=170337

Trust: 0.6

sources: CNVD: CNVD-2022-77543 // JVNDB: JVNDB-2021-014945 // CNNVD: CNNVD-202111-1180

EXTERNAL IDS

db:NVDid:CVE-2021-3793

Trust: 3.8

db:JVNDBid:JVNDB-2021-014945

Trust: 0.8

db:CNVDid:CNVD-2022-77543

Trust: 0.6

db:CNNVDid:CNNVD-202111-1180

Trust: 0.6

sources: CNVD: CNVD-2022-77543 // JVNDB: JVNDB-2021-014945 // CNNVD: CNNVD-202111-1180 // NVD: CVE-2021-3793

REFERENCES

url:https://binatoneglobal.com/security-advisory/

Trust: 2.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-3793

Trust: 1.4

sources: CNVD: CNVD-2022-77543 // JVNDB: JVNDB-2021-014945 // CNNVD: CNNVD-202111-1180 // NVD: CVE-2021-3793

SOURCES

db:CNVDid:CNVD-2022-77543
db:JVNDBid:JVNDB-2021-014945
db:CNNVDid:CNNVD-202111-1180
db:NVDid:CVE-2021-3793

LAST UPDATE DATE

2024-11-23T22:33:00.255000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-77543date:2022-11-16T00:00:00
db:JVNDBid:JVNDB-2021-014945date:2022-11-02T05:33:00
db:CNNVDid:CNNVD-202111-1180date:2022-10-28T00:00:00
db:NVDid:CVE-2021-3793date:2024-11-21T06:22:27

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-77543date:2022-11-16T00:00:00
db:JVNDBid:JVNDB-2021-014945date:2022-11-02T00:00:00
db:CNNVDid:CNNVD-202111-1180date:2021-11-12T00:00:00
db:NVDid:CVE-2021-3793date:2021-11-12T22:15:08.473