CVE-2013-4860

Radio Thermostat CT80 And CT50 with firmware 1.4.64 and earlier does not restrict access to the API, which allows remote attackers to change the operation mode, wifi connection settings, temperature thresholds, and other settings via unspecified vectors.

CVSS v2.0 8.3 HIGH

8.3^/10

CVSS v2.0 : HIGH

Vector : AV:A/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 6.5 / Impact : 10.0

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://packetstormsecurity.com/files/122657/Radio-Thermostat-Of-America-Inc-Lack-Of-Authentication.html
http://www.securityfocus.com/bid/61581
https://exchange.xforce.ibmcloud.com/vulnerabilities/86197

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:radiothermostat:ct50_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:radiothermostat:ct50:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:radiothermostat:ct80_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:radiothermostat:ct80:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-06-05 20:55

Updated : 2024-02-04 18:35

NVD link : CVE-2013-4860

Mitre link : CVE-2013-4860

CVE.ORG link : CVE-2013-4860

JSON object : View

Products Affected

radiothermostat

ct50
ct80_firmware
ct80
ct50_firmware

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2013-4860", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 8.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-06-05T20:55:05.517", "references": [{"url": "http://packetstormsecurity.com/files/122657/Radio-Thermostat-Of-America-Inc-Lack-Of-Authentication.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/61581", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86197", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Radio Thermostat CT80 And CT50 with firmware 1.4.64 and earlier does not restrict access to the API, which allows remote attackers to change the operation mode, wifi connection settings, temperature thresholds, and other settings via unspecified vectors."}, {"lang": "es", "value": "Radio Thermostat CT80 And CT50 con firmware 1.4.64 y anteriores no restringe acceso a la API, lo que permite a atacantes remotos cambiar el modo de operaci\u00f3n, configuraciones de conexi\u00f3n wifi, umbrales de temperatura y otras configuraciones a trav\u00e9s de vectores no especificados."}], "lastModified": "2017-08-29T01:33:40.607", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:radiothermostat:ct50_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3625C99D-EAB1-4919-A708-FDD59C5745A0", "versionEndIncluding": "1.4.64"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:radiothermostat:ct50:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13E0CACE-02E9-4250-AF18-C841F6859D49"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:radiothermostat:ct80_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "371ED3AC-FC4B-4BD7-A29F-B166D0245E1B", "versionEndIncluding": "1.4.64"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:radiothermostat:ct80:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1837925F-485B-49DF-9C29-094C8721D5AC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}