Description
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103721
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-100-01
Scores
CVSS v3
3.1
EPSS
0.0018
EPSS Percentile
7.4%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Details
CWE
CWE-311
Status
published
Products (4)
atisystem/alert4000_firmware
atisystem/hpss16_firmware
atisystem/hpss32_firmware
atisystem/mhpss_firmware
Published
May 25, 2018
Tracked Since
Feb 18, 2026