Overview
- Description
- The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens). This makes it easier for an attacker to disarm the wireless alarm system.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.1
- Impact score
- 5.2
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.8
- Impact score
- 4.9
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-319
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abus:secvest_wireless_control_fube50001_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF98EA46-420F-4C38-AA1B-4872263F1F91"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abus:secvest_wireless_control_fube50001:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8E0F6799-5F51-4E47-83B0-FBD224E5339F"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]