Description
Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm system FUAA50000 3.01.01 and its remote controls FUBE50014 and FUBE50015, an attacker is able to predict valid future rolling codes, and can thus remotely control the alarm system in an unauthorized way.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-034.txt
Scores
CVSS v3
9.8
EPSS
0.0215
EPSS Percentile
79.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-330
Status
published
Products (3)
abus/secvest_wireless_alarm_system_fuaa50000_firmware
3.01.01
abus/secvest_wireless_remote_control_fube50014_firmware
abus/secvest_wireless_remote_control_fube50015_firmware
Published
Mar 27, 2019
Tracked Since
Feb 18, 2026