9.8
CVE-2019-15911
- EPSS 0.67%
- Published 20.12.2019 17:15:11
- Last modified 21.11.2024 04:29:42
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart home devices, and tamper with messages.
Data is provided by the National Vulnerability Database (NVD)
Asus ≫ Hg100 Firmware Version-
Asus ≫ Mw100 Firmware Version-
Asus ≫ Ws-101 Firmware Version-
Asus ≫ Ts-101 Firmware Version-
Asus ≫ As-101 Firmware Version-
Asus ≫ Ms-101 Firmware Version-
Asus ≫ Dl-101 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.67% | 0.701 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-319 Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.