CVE-2021-3789

MEDIUM

Motorola-branded Binatone Hubble Cameras - Info Disclosure

Title source: llm

Description

An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access to obtain the encryption key used to decrypt firmware update packages.

References (1)

[Vendor Advisory] https://binatoneglobal.com/security-advisory/

Scores

CVSS v3 4.2

EPSS 0.0001

EPSS Percentile 2.6%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522 CWE-326

Status published

Affected Products (21)

binatoneglobal/halo\+_camera_firmware < 03.50.14

binatoneglobal/comfort_85_connect_firmware < 03.40.02

binatoneglobal/mbp3855_firmware < 03.40.00

binatoneglobal/focus_68_firmware

binatoneglobal/focus_72r_firmware < 03.40.00

binatoneglobal/cn28_firmware

binatoneglobal/cn50_firmware

binatoneglobal/comfort_40_firmware

binatoneglobal/comfort_50_connect_firmware

binatoneglobal/mbp4855_firmware

binatoneglobal/mbp3667_firmware

binatoneglobal/mbp669_connect_firmware

binatoneglobal/lux_64_firmware

binatoneglobal/lux_65_firmware

binatoneglobal/connect_view_65_firmware

... and 6 more

Timeline

Published Nov 12, 2021

Tracked Since Feb 18, 2026