TROYANOSYVIRUS
Retour aux CVEs

CVE-2019-18226

CRITICAL
9.8

Description

Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a weak authentication method is retained for compatibility with legacy products.

Details CVE

Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie10/31/2019
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0

Produits affectes

honeywell:h2w2gr1honeywell:h2w2gr1_firmwarehoneywell:h2w2pc1mhoneywell:h2w2pc1m_firmwarehoneywell:h2w2per3honeywell:h2w2per3_firmwarehoneywell:h2w4per3honeywell:h2w4per3_firmwarehoneywell:h3w2gr1honeywell:h3w2gr1_firmwarehoneywell:h3w2gr1vhoneywell:h3w2gr1v_firmwarehoneywell:h3w2gr2honeywell:h3w2gr2_firmwarehoneywell:h3w4gr1honeywell:h3w4gr1_firmwarehoneywell:h3w4gr1vhoneywell:h3w4gr1v_firmwarehoneywell:h4d8gr1honeywell:h4d8gr1_firmwarehoneywell:h4l2gr1honeywell:h4l2gr1_firmwarehoneywell:h4l2gr1vhoneywell:h4l2gr1v_firmwarehoneywell:h4l6gr2honeywell:h4l6gr2_firmwarehoneywell:h4w2gr1honeywell:h4w2gr1_firmwarehoneywell:h4w2gr1vhoneywell:h4w2gr1v_firmwarehoneywell:h4w2gr2honeywell:h4w2gr2_firmwarehoneywell:h4w2per2honeywell:h4w2per2_firmwarehoneywell:h4w2per3honeywell:h4w2per3_firmwarehoneywell:h4w4gr1honeywell:h4w4gr1_firmwarehoneywell:h4w4gr1vhoneywell:h4w4gr1v_firmwarehoneywell:h4w4per2honeywell:h4w4per2_firmwarehoneywell:h4w4per3honeywell:h4w4per3_firmwarehoneywell:h4w8pr2honeywell:h4w8pr2_firmwarehoneywell:hbd2per1honeywell:hbd2per1_firmwarehoneywell:hbd8gr1honeywell:hbd8gr1_firmwarehoneywell:hbl2gr1vhoneywell:hbl2gr1v_firmwarehoneywell:hbl6gr2honeywell:hbl6gr2_firmwarehoneywell:hbw2gr1vhoneywell:hbw2gr1v_firmwarehoneywell:hbw2gr3vhoneywell:hbw2gr3v_firmwarehoneywell:hbw2per1honeywell:hbw2per1_firmwarehoneywell:hbw2per2honeywell:hbw2per2_firmwarehoneywell:hbw4gr1vhoneywell:hbw4gr1v_firmwarehoneywell:hbw4per1honeywell:hbw4per1_firmwarehoneywell:hbw4per2honeywell:hbw4per2_firmwarehoneywell:hbw4pgr1honeywell:hbw4pgr1_firmwarehoneywell:hbw8pr2honeywell:hbw8pr2_firmwarehoneywell:hcd8ghoneywell:hcd8g_firmwarehoneywell:hcl2ghoneywell:hcl2g_firmwarehoneywell:hcl2gvhoneywell:hcl2gv_firmwarehoneywell:hcw2ghoneywell:hcw2g_firmwarehoneywell:hcw2gvhoneywell:hcw2gv_firmwarehoneywell:hcw4ghoneywell:hcw4g_firmwarehoneywell:hdz302dhoneywell:hdz302d_firmwarehoneywell:hdz302dehoneywell:hdz302de_firmwarehoneywell:hdz302din-c1honeywell:hdz302din-c1_firmwarehoneywell:hdz302din-s1honeywell:hdz302din-s1_firmwarehoneywell:hdz302likhoneywell:hdz302lik_firmwarehoneywell:hdz302liwhoneywell:hdz302liw_firmwarehoneywell:hdzp252dihoneywell:hdzp252di_firmwarehoneywell:hdzp304dihoneywell:hdzp304di_firmwarehoneywell:hed2per3honeywell:hed2per3_firmwarehoneywell:hepz302w0honeywell:hepz302w0_firmwarehoneywell:hew2per2honeywell:hew2per2_firmwarehoneywell:hew2per3honeywell:hew2per3_firmwarehoneywell:hew4per2bhoneywell:hew4per2b_firmwarehoneywell:hew4per3honeywell:hew4per3_firmwarehoneywell:hew4per3bhoneywell:hew4per3b_firmwarehoneywell:hfd6gr1honeywell:hfd6gr1_firmwarehoneywell:hfd8gr1honeywell:hfd8gr1_firmwarehoneywell:hm4l8gr1honeywell:hm4l8gr1_firmwarehoneywell:hmbl8gr1honeywell:hmbl8gr1_firmwarehoneywell:hpw2p1honeywell:hpw2p1_firmwarehoneywell:hsw2g1honeywell:hsw2g1_firmwarehoneywell:hswb2g1honeywell:hswb2g1_firmware

Faiblesses (CWE)

CWE-294CWE-294

References

https://www.us-cert.gov/ics/advisories/icsa-19-304-04(ics-cert@hq.dhs.gov)
https://www.us-cert.gov/ics/advisories/icsa-19-304-04(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.