Sign-up

ID

VAR-202407-2538


CVE

CVE-2019-20461


TITLE

Alecto IVM-100 2019-11-12 Missing Authentication

Trust: 0.1

sources: PACKETSTORM: 179810

DESCRIPTION

An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP protocol to start and control video and audio services. The protocol has been partially reverse engineered. Based upon the reverse engineering, no password or username is ever transferred over this protocol. Thus, one can set up the camera connection feed with only the encoded UID. It is possible to set up sessions with the camera over the Internet by using the encoded UID and the custom UDP protocol, because authentication happens at the client side. ------------------------------------------ [Vulnerability Type] Incorrect Access Control ------------------------------------------ [Vendor of Product] Alecto ------------------------------------------ [Affected Product Code Base] Alecto-IVM-100 - Exact version unknown ------------------------------------------ [Affected Component] Video and audio stream of the camera. ------------------------------------------ [Attack Type] Remote ------------------------------------------ [Impact Information Disclosure] true ------------------------------------------ [Attack Vectors] An attacker requires knowledge of the encoded UID (can be obtained by sniffing or enumerating). Once this knowledge has been obtained, the attacker can set up a video/audio system from anywhere. ------------------------------------------ [Has vendor confirmed or acknowledged the vulnerability?] true ------------------------------------------ [Discoverer] Willem Westerhof, Jasper Nota, Martijn Baalman from Qbit cyber security in cooperation with The Dutch consumer organisation ------------------------------------------ [Reference] https://www.alecto.nl Use CVE-2019-20461

Trust: 0.99

sources: NVD: CVE-2019-20461 // PACKETSTORM: 179810

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2019-20461
value: CRITICAL

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2019-20461
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2019-20461

PROBLEMTYPE DATA

problemtype:CWE-295

Trust: 1.0

sources: NVD: CVE-2019-20461

EXTERNAL IDS

db:NVDid:CVE-2019-20461

Trust: 1.2

db:OTHERid:NONE

Trust: 0.1

db:PACKETSTORMid:179810

Trust: 0.1

sources: OTHER: None // PACKETSTORM: 179810 // NVD: CVE-2019-20461

REFERENCES

url:https://www.alecto.nl

Trust: 1.1

url:https://seclists.org/fulldisclosure/2024/jul/14

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-20461

Trust: 0.1

sources: PACKETSTORM: 179810 // NVD: CVE-2019-20461

CREDITS

Willem Westerhof | Secura

Trust: 0.1

sources: OTHER: None

SOURCES

db:OTHERid: -
db:PACKETSTORMid:179810
db:NVDid:CVE-2019-20461

LAST UPDATE DATE

2025-01-30T20:07:00.895000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2019-20461date:2024-11-08T19:01:03.880

SOURCES RELEASE DATE

db:OTHERid: - date:2024-07-26T13:11:06
db:PACKETSTORMid:179810date:2024-07-30T12:35:43
db:NVDid:CVE-2019-20461date:2024-11-07T21:15:05.400