GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html | Third Party Advisory |
https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
History
21 Nov 2024, 05:31
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html - Third Party Advisory |
Information
Published : 2020-06-12 09:15
Updated : 2024-11-21 05:31
NVD link : CVE-2020-3929
Mitre link : CVE-2020-3929
CVE.ORG link : CVE-2020-3929
JSON object : View
Products Affected
usavisionsys
- geovision_gv-as810_firmware
- geovision_gv-gf192x
- geovision_gv-as410
- geovision_gv-as1010_firmware
- geovision_gv-as1010
- geovision_gv-gf192x_firmware
- geovision_gv-as810
- geovision_gv-as410_firmware
- geovision_gv-as210
- geovision_gv-as210_firmware
CWE
CWE-326
Inadequate Encryption Strength