CVE-2020-12834
Published May 15, 2020
Last updated 4 years ago
Overview
- Description: eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup (or factory reset).
- Source: cve@mitre.org
- NVD status: Analyzed
Risk scores
CVSS 3.1
- Type: Primary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
CVSS 2.0
- Type: Primary
- Base score: 7.5
- Impact score: 6.4
- Exploitability score: 10
- Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov: CWE-276
Configurations
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9C2CF19C-7EDE-4E3C-A736-E6736FF03FDC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:eq-3:homematic_ccu2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01848E5D-7A8C-4DAD-967D-E29FB129C2EF",
            "versionEndIncluding": "2.51.6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "33113AD0-F378-49B2-BCFC-C57B52FD3A04"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62962D0F-9A5C-4A4A-81CE-1D0A0B54434F",
            "versionEndIncluding": "3.51.6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]