CVE-2021-3788
12.11.2021, 22:15
An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device.Enginsight
| Vendor | Product | Version |
|---|---|---|
| binatoneglobal | halo\+_camera_firmware | 𝑥 < 03.50.14 |
| binatoneglobal | comfort_85_connect_firmware | 𝑥 < 03.40.02 |
| binatoneglobal | mbp3855_firmware | 𝑥 < 03.40.00 |
| binatoneglobal | focus_68_firmware | - |
| binatoneglobal | focus_68_firmware | - |
| binatoneglobal | focus_72r_firmware | 𝑥 < 03.40.00 |
| binatoneglobal | focus_72r_firmware | 𝑥 < 03.40.00 |
| binatoneglobal | cn28_firmware | - |
| binatoneglobal | cn50_firmware | - |
| binatoneglobal | comfort_40_firmware | - |
| binatoneglobal | comfort_50_connect_firmware | - |
| binatoneglobal | mbp4855_firmware | - |
| binatoneglobal | mbp3667_firmware | - |
| binatoneglobal | mbp669_connect_firmware | - |
| binatoneglobal | lux_64_firmware | - |
| binatoneglobal | lux_65_firmware | - |
| binatoneglobal | connect_view_65_firmware | - |
| binatoneglobal | lux_85_connect_firmware | - |
| binatoneglobal | ease44_firmware | - |
| binatoneglobal | connect_20_firmware | - |
| binatoneglobal | mbp6855_firmware | - |
| binatoneglobal | cn40_firmware | - |
| binatoneglobal | cn75_firmware | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-1299 - Missing Protection Mechanism for Alternate Hardware InterfaceThe lack of protections on alternate paths to access control-protected assets (such as unprotected shadow registers and other external facing unguarded interfaces) allows an attacker to bypass existing protections to the asset that are only performed against the primary path.
- CWE-287 - Improper AuthenticationWhen an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.