Description
An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction with Secvest remote control FUBE50014 or FUBE50015. Because "encrypted signal transmission" is missing, an attacker is able to eavesdrop sensitive data as cleartext (for instance, the current rolling code state).
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-035.txt
Scores
CVSS v3
6.5
EPSS
0.0064
EPSS Percentile
45.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-311
Status
published
Products (3)
abus/secvest_wireless_alarm_system_fuaa50000_firmware
3.01.01
abus/secvest_wireless_remote_control_fube50014_firmware
abus/secvest_wireless_remote_control_fube50015_firmware
Published
Mar 27, 2019
Tracked Since
Feb 18, 2026