CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-28973

The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. This information can then be used to reconfigure or disable the alarm system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://eye.security/en/blog/breaking-abus-secvest-internet-connected-alarm-systems-cve-2020-28973
https://eye.security/en/blog/breaking-abus-secvest-internet-connected-alarm-systems-cve-2020-28973

Products affected by CVE-2020-28973

Abus » Secvest Wireless Alarm System Fuaa50000 » Version: N/A

cpe:2.3:h:abus:secvest_wireless_alarm_system_fuaa50000:-
Abus » Secvest Wireless Alarm System Fuaa50000 Firmware » Version: 3.01.17

cpe:2.3:o:abus:secvest_wireless_alarm_system_fuaa50000_firmware:3.01.17

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-28973

Products

Pricing

Contact Us