CVE-2019-9860
HIGHABUS Secvest FUAA50000 3.01.01 Cleartext Transmission of Sensitive Information
Title source: llmDescription
Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control (FUBE50014 or FUBE50015) relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent commands by the remote control are not accepted anymore.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-036.txt
Scores
CVSS v3
7.5
EPSS
0.0084
EPSS Percentile
52.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-319
CWE-330
Status
published
Products (3)
abus/secvest_wireless_alarm_system_fuaa50000_firmware
3.01.01
abus/secvest_wireless_remote_control_fube50014_firmware
abus/secvest_wireless_remote_control_fube50015_firmware
Published
Mar 27, 2019
Tracked Since
Feb 18, 2026