CVE-2019-3938
HIGHCrestron AM-100 and AM-101 - Insufficiently Protected Credentials in Configuration Export
Title source: llmDescription
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration options in the file generated via the "export configuration" feature. The configuration file is encrypted using the awenc binary. The same binary can be used to decrypt any configuration file since all the encryption logic is hard coded. A local attacker can use this vulnerability to gain access to devices username and passwords.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2019-20
Scores
CVSS v3
7.8
EPSS
0.0026
EPSS Percentile
17.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-522
CWE-798
Status
published
Products (2)
crestron/am-100_firmware
1.6.0.2
crestron/am-101_firmware
2.7.0.2
Published
Apr 30, 2019
Tracked Since
Feb 18, 2026