CVE-2019-9582

Published Aug 14, 2019

Last updated 4 years ago

CVSS high 7.5

Overview

Description: eQ-3 Homematic CCU2 outdated base software packages allows Denial of Service. CCU2 affected versions: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.35.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2313AB9D-E18F-4603-8CE5-D0C3D9660785"
          },
          {
            "criteria": "cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFE9F1F1-70FB-470C-8455-201797CA50D5"
          },
          {
            "criteria": "cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CE5BE83-688F-4188-844F-328C846D90C2"
          },
          {
            "criteria": "cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "592EDF0E-792F-4DEC-9926-E33675C5C7C9"
          },
          {
            "criteria": "cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.45.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38DF6345-9A75-4E5C-9BEC-CB6A0767E739"
          },
          {
            "criteria": "cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.45.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1FA10A6-D09E-44EC-ABEB-49CFA8780456"
          },
          {
            "criteria": "cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E02A84D1-C6F6-4DE0-88A3-85F41A90D9EB"
          },
          {
            "criteria": "cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84030C3C-ED0D-4CB5-863C-F5663AE4AFE1"
          },
          {
            "criteria": "cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F03E1DE6-70FF-4EE9-A3E2-44020B64ADDB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9C2CF19C-7EDE-4E3C-A736-E6736FF03FDC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References