Vulnerability Details CVE-2019-9860
Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control (FUBE50014 or FUBE50015) relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent commands by the remote control are not accepted anymore.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-9860
-
cpe:2.3:h:abus:secvest_wireless_alarm_system_fuaa50000:-
-
cpe:2.3:h:abus:secvest_wireless_remote_control_fube50014:-
-
cpe:2.3:h:abus:secvest_wireless_remote_control_fube50015:-
-
cpe:2.3:o:abus:secvest_wireless_alarm_system_fuaa50000_firmware:3.01.01
-
cpe:2.3:o:abus:secvest_wireless_remote_control_fube50014_firmware:-
-
cpe:2.3:o:abus:secvest_wireless_remote_control_fube50015_firmware:-