Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-20461

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-07 Nov, 2024 | 00:00
Updated At-08 Nov, 2024 | 16:53
Rejected At-
Credits

An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP protocol to start and control video and audio services. The protocol has been partially reverse engineered. Based upon the reverse engineering, no password or username is ever transferred over this protocol. Thus, one can set up the camera connection feed with only the encoded UID. It is possible to set up sessions with the camera over the Internet by using the encoded UID and the custom UDP protocol, because authentication happens at the client side.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:07 Nov, 2024 | 00:00
Updated At:08 Nov, 2024 | 16:53
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP protocol to start and control video and audio services. The protocol has been partially reverse engineered. Based upon the reverse engineering, no password or username is ever transferred over this protocol. Thus, one can set up the camera connection feed with only the encoded UID. It is possible to set up sessions with the camera over the Internet by using the encoded UID and the custom UDP protocol, because authentication happens at the client side.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.alecto.nl
N/A
https://seclists.org/fulldisclosure/2024/Jul/14
mailing-list
Hyperlink: https://www.alecto.nl
Resource: N/A
Hyperlink: https://seclists.org/fulldisclosure/2024/Jul/14
Resource:
mailing-list
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
alecto
Product
ivm-100_firmware
CPEs
  • cpe:2.3:o:alecto:ivm-100_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 2019-11-12
Problem Types
TypeCWE IDDescription
CWECWE-295CWE-295 Improper Certificate Validation
Type: CWE
CWE ID: CWE-295
Description: CWE-295 Improper Certificate Validation
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:07 Nov, 2024 | 21:15
Updated At:08 Nov, 2024 | 19:01

An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP protocol to start and control video and audio services. The protocol has been partially reverse engineered. Based upon the reverse engineering, no password or username is ever transferred over this protocol. Thus, one can set up the camera connection feed with only the encoded UID. It is possible to set up sessions with the camera over the Internet by using the encoded UID and the custom UDP protocol, because authentication happens at the client side.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-295Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-295
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://seclists.org/fulldisclosure/2024/Jul/14cve@mitre.org
N/A
https://www.alecto.nlcve@mitre.org
N/A
Hyperlink: https://seclists.org/fulldisclosure/2024/Jul/14
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.alecto.nl
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

60Records found
CVE-2020-24714
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.73%
||
7 Day CHG~0.00%
Published-27 Aug, 2020 | 21:52
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, the openssl binary is called without the -verify_hostname option.

Action-Not Available
Vendor-scalyrn/a
Product-scalyr_agentn/a
CWE ID-CWE-295
Improper Certificate Validation
CVE-2020-1952
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-1.65% / 81.27%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 16:16
Updated-04 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.

Action-Not Available
Vendor-The Apache Software Foundation
Product-iotdbIoTDB
CWE ID-CWE-295
Improper Certificate Validation
CVE-2022-21654
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.4||HIGH
EPSS-0.06% / 18.84%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 22:35
Updated-23 Apr, 2025 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect configuration handling allows TLS session re-use without re-validation in Envoy

Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade.

Action-Not Available
Vendor-envoyproxyenvoyproxy
Product-envoyenvoy
CWE ID-CWE-295
Improper Certificate Validation
CVE-2022-22885
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.62% / 68.98%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 21:56
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation.

Action-Not Available
Vendor-hutooln/a
Product-hutooln/a
CWE ID-CWE-295
Improper Certificate Validation
CVE-2020-12637
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.54%
||
7 Day CHG~0.00%
Published-09 May, 2020 | 16:23
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option.

Action-Not Available
Vendor-zulipchatn/a
Product-zulip_desktopn/a
CWE ID-CWE-295
Improper Certificate Validation
CVE-2021-43882
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9||CRITICAL
EPSS-0.58% / 67.84%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 14:15
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Defender for IoT Remote Code Execution Vulnerability

Microsoft Defender for IoT Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-defender_for_iotMicrosoft Defender for IoT
CWE ID-CWE-295
Improper Certificate Validation
CVE-2022-37437
Matching Score-4
Assigner-Splunk Inc.
ShareView Details
Matching Score-4
Assigner-Splunk Inc.
CVSS Score-7.4||HIGH
EPSS-0.26% / 48.97%
||
7 Day CHG-0.03%
Published-16 Aug, 2022 | 19:50
Updated-16 Sep, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ingest Actions UI in Splunk Enterprise 9.0.0 disabled TLS certificate validation

When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service (S3) in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an Ingest Actions Destination through Splunk Web and only applies to environments that have configured TLS certificate validation. It does not apply to Destinations configured directly in the outputs.conf configuration file. The vulnerability affects Splunk Enterprise version 9.0.0 and does not affect versions below 9.0.0, including the 8.1.x and 8.2.x versions.

Action-Not Available
Vendor-Splunk LLC (Cisco Systems, Inc.)
Product-splunkSplunk Enterprise
CWE ID-CWE-295
Improper Certificate Validation
CVE-2022-35898
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.09% / 26.28%
||
7 Day CHG~0.00%
Published-01 May, 2023 | 00:00
Updated-30 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password operation. This allows any authenticated user to change the password of any other user, including the Administrator account.

Action-Not Available
Vendor-n/aOpen Text Corporation
Product-bizmanagern/a
CWE ID-CWE-295
Improper Certificate Validation
CWE ID-CWE-287
Improper Authentication
CVE-2024-49369
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-17.66% / 94.84%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 16:44
Updated-13 Nov, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Icinga 2 has a TLS Certificate Validation Bypass for JSON-RPC and HTTP API Connections

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted cluster nodes as well as any API users that use TLS client certificates for authentication (ApiUser objects with the client_cn attribute set). This vulnerability has been fixed in v2.14.3, v2.13.10, v2.12.11, and v2.11.12.

Action-Not Available
Vendor-Icingaicinga
Product-icinga2icinga_web_2
CWE ID-CWE-295
Improper Certificate Validation
CVE-2021-33907
Matching Score-4
Assigner-Zoom Video Communications, Inc.
ShareView Details
Matching Score-4
Assigner-Zoom Video Communications, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.39% / 88.55%
||
7 Day CHG~0.00%
Published-27 Sep, 2021 | 13:55
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an elevated privileged context.

Action-Not Available
Vendor-n/aZoom Communications, Inc.
Product-meetingsZoom Client for Meetings for Windows
CWE ID-CWE-295
Improper Certificate Validation
  • Previous
  • 1
  • 2
  • Next
Details not found