Published: 14/08/2019 Updated: 10/04/2020

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 8.2 | Impact Score: 4.2 | Exploitability Score: 3.9

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This allows a Denial of Service and is a starting point for other attacks. Affected versions for CCU2: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. Affected versions for CCU3: 3.41.11, 3.43.16, 3.45.5, 3.45.7, 3.47.10, 3.47.15.

Vulnerable Product	Search on Vulmon	Subscribe to Product
eq-3 homematic_ccu3_firmware 3.41.11
eq-3 homematic_ccu3_firmware 3.43.16
eq-3 homematic_ccu3_firmware 3.45.5
eq-3 homematic_ccu3_firmware 3.45.7
eq-3 homematic_ccu3_firmware 3.47.10
eq-3 homematic_ccu3_firmware 3.47.15
eq-3 homematic_ccu2_firmware -
eq-3 homematic_ccu2_firmware 2.35.16
eq-3 homematic_ccu2_firmware 2.41.5
eq-3 homematic_ccu2_firmware 2.41.8
eq-3 homematic_ccu2_firmware 2.41.9
eq-3 homematic_ccu2_firmware 2.45.6
eq-3 homematic_ccu2_firmware 2.45.7
eq-3 homematic_ccu2_firmware 2.47.10
eq-3 homematic_ccu2_firmware 2.47.12
eq-3 homematic_ccu2_firmware 2.47.15

CWE-400 https://github.com/psytester/psytester.github.io/blob/master/_posts/hacking_and_pentests/CVEs/2019-03-27-CVE-2019-9583.md https://psytester.github.io/CVE-2019-9583/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-9583

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect