CVE-2019-15914

An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15914_1.md	Exploit Third Party Advisory
https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15914_2.md	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:mi:dgnwg03lm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mi:dgnwg03lm:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:mi:zncz03lm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mi:zncz03lm:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:mi:mccgq01lm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mi:mccgq01lm:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:mi:wsdcgq01lm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mi:wsdcgq01lm:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:mi:rtcgq01lm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mi:rtcgq01lm:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-12-20 17:15

Updated : 2024-02-04 20:39

NVD link : CVE-2019-15914

Mitre link : CVE-2019-15914

CVE.ORG link : CVE-2019-15914

JSON object : View

Products Affected

mi

dgnwg03lm
dgnwg03lm_firmware
rtcgq01lm_firmware
zncz03lm_firmware
wsdcgq01lm_firmware
rtcgq01lm
zncz03lm
mccgq01lm_firmware
mccgq01lm
wsdcgq01lm

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2019-15914", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-12-20T17:15:11.643", "references": [{"url": "https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15914_1.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15914_2.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en los dispositivos Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM. Los atacantes pueden utilizar el procedimiento de reincorporaci\u00f3n del centro de confianza ZigBee para realizar m\u00faltiples ataques de denegaci\u00f3n de servicio."}], "lastModified": "2020-01-03T14:59:16.153", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mi:dgnwg03lm_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18E6AAD6-8A61-4E16-8387-ADEDD63BA7DC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mi:dgnwg03lm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FFD6A160-4E8B-485F-8EC1-C4D52F002875"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mi:zncz03lm_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "454AB732-27E3-412E-AD89-3D62C98B06D3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mi:zncz03lm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "833C0FBE-F3DC-4D28-A996-17E485592046"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mi:mccgq01lm_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A01F6B64-4DDA-4E51-A9C7-1C6E3E537156"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mi:mccgq01lm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "44AB28D7-A56F-411C-A6EF-7DB42234EDA5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mi:wsdcgq01lm_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AC2BB24-C436-4862-BB7E-0546430753FF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mi:wsdcgq01lm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "456AE601-26F7-4DB0-9FBE-47D171B20AEC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mi:rtcgq01lm_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1ED2FDB-6F55-4FD2-AE4D-E094D875D189"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mi:rtcgq01lm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FF98F7C8-9B48-4594-AECA-E044268CDDBA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}