CVE-2020-3929

GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:usavisionsys:geovision_gv-as210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:usavisionsys:geovision_gv-as210:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:usavisionsys:geovision_gv-as410_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:usavisionsys:geovision_gv-as410:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:usavisionsys:geovision_gv-as810_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:usavisionsys:geovision_gv-as810:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:usavisionsys:geovision_gv-as1010_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:usavisionsys:geovision_gv-as1010:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:usavisionsys:geovision_gv-gf192x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:usavisionsys:geovision_gv-gf192x:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:31

Type Values Removed Values Added
References () https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html - Third Party Advisory () https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html - Third Party Advisory

Information

Published : 2020-06-12 09:15

Updated : 2024-11-21 05:31


NVD link : CVE-2020-3929

Mitre link : CVE-2020-3929

CVE.ORG link : CVE-2020-3929


JSON object : View

Products Affected

usavisionsys

  • geovision_gv-as810_firmware
  • geovision_gv-gf192x
  • geovision_gv-as410
  • geovision_gv-as1010_firmware
  • geovision_gv-as1010
  • geovision_gv-gf192x_firmware
  • geovision_gv-as810
  • geovision_gv-as410_firmware
  • geovision_gv-as210
  • geovision_gv-as210_firmware
CWE
CWE-326

Inadequate Encryption Strength